Hi.
I'm not an expert at anything below, that's why I am asking.
I am also not looking for a very precise answer, just a rough summary.
The question :
As I remember from reading about this a while ago, there is/was a
fundamental incompatibility between the HTTP Virtual Host mechanism, and
HTTPS/SSL, in the sense that there is some egg-and-chicken problem
involved, which roughly goes like this :
- the client connects to the host and requests an encrypted connection
to a certain hostname
- the host and client negociate the encryption (based or not on the name
of the host)
- on subsequent requests, the client sends the request encrypted,
including the "Host:" header that (acording to the HTTP protocol) should
indicate the name of the Virtual Host it wants to talk to
- the server should decode the request (including this "Host:" HTTP
header) in order to determine which Host the request is addressed to,
but it can't because it does not know which host it is yet, and thus
cannot decode the request
- we are thus stuck
Is the above, very roughly and approximatively still a valid explanation
of what happens, or is it totally wrong, or has something changed
in-between that I am unaware of ?
Thanks
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
