[TriLUG] Multiple IP address per interface?
Tanner Lovelace
lovelace at wayfarer.org
Sat Apr 6 22:30:53 EST 2002
On Sat, 2002-04-06 at 21:45, Kevin - The Alchemist - Sonney wrote:
> On Sat, 2002-04-06 at 21:39, Tanner Lovelace wrote:
> > You can't because of SSL? Why not? I do.
>
> Read the mod_ssl docs. The upshot is, in ordr to do multiple-host https,
> each server needs it's own key. The key is determined by the hostname.
> The hostname isn't given until *AFTER* the connection is established.
>
> So, you need the key to establish the connection, but you don't know
> what key to use for that hostname until after the connection is
> established. Chicken-egg. So in order to use >1 hostname with mod_ssl
> (and a key per each) each https host needs it's own IP.
>
> Make sense?
Yes, but you forgot to mention you can do wildcards in SSL
certificates. That's how I use mod_ssl and vhost_alias
to do SSL on multiple websites.
Tanner
--
Tanner Lovelace | lovelace(at)wayfarer.org | http://wtl.wayfarer.org/
--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--
GPG Fingerprint = A66C 8660 924F 5F8C 71DA BDD0 CE09 4F8E DE76 39D4
GPG Key can be found at http://wtl.wayfarer.org/lovelace.gpg.asc
--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--
http://www.petitiononline.com/SSSCA/petition.html
--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--
Those who are willing to sacrifice essential liberties for a little
order, will lose both and deserve neither. -- Benjamin Franklin
History teaches that grave threats to liberty often come in times
of urgency, when constitutional rights seem too extravagant to
endure. -- Justice Thurgood Marshall, 1989
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 240 bytes
Desc: This is a digitally signed message part
URL: <http://www.trilug.org/pipermail/trilug/attachments/20020406/ccfeff68/attachment.pgp>
More information about the TriLUG
mailing list