On Tuesday 25 July 2006 03:18, Joshua Slive wrote: > First, SSL without a valid certificate trusted by the client is not > any safer than plain-text in the end. A "man-in-the-middle" could sit > on the wire, provide your clients with a bogus certificate, and > decrypt all the traffic on the way back and forth to the server. > Since your clients are used to hitting "ignore" on the certificate > error warnings, they would be none-the-wiser. You're absolutely right but I don't have any "clients". These services are not for public use. This isn't a production service available to real clients/customers. I have some services at home I like/need to have available from outside. Moreover, there is nothing absolutely critical and most of these services could be available through plain HTTP. Remember that I talked about a "poor's man" HTTPS virtual hosting, nothing related to production use. > Second, what you want is not possible in any released version of > apache. mod_ifenv wouldn't do it, since I'm fairly sure it cues off > env variables set at apache start time, not off dynamic per-request > env variables. That kind of per-request configuration is only > possible if individual env variables support it. That's interesting! There's nothing in the ifenv module which indicates that the env vars are dynamically called and examined. You have a big point here. > As luck would have it, I believe there is some action on the > development list about making it possible to use env variables in > ProxyPassReverse. But it isn't in any released version, and likely > won't be for some time. Thanks for the information I wasn't aware of that :-) I can test that. -- SithLord --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx