Re: [users@httpd] Limiting SSL to a specific virtual host

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 11/8/05, Boyle Owen <Owen.Boyle@xxxxxxx> wrote:
> The point about Apache 2.1 is that it includes a new module (as mentioned by Nick) which supports a new extension to TLS. This allows for "Server Name Indication" where the client tells the server what hostname it wants to connect to. Basically, it copies the Hostname up from the HTTP layer into the HTTPS layer making it visible to the TLS negotiation phase. When this is fully supported by browsers (NB - it's the browser that starts the conversation so it has to be aware of this new extension), then NBVH will be possible in SSL/TLS.

Are you sure you're not confused yourself too?
Which module would that be?

> mod_ssl Added a support for RFC 2817, which allows connections to upgrade from clear text to TLS encryption.

This one allows a HTTP connection (on port 80) to be upgraded to HTTPS
(in the same TCP connection).
What you are describing is an extension to TLS (that'll work for all
protocols), but I'm not sure if Apache supports that.

[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux