Re: Idea for SSL with name-based Vhosts using two servers, mod_rewrite, and mod_proxy

["Bruno - e-comBR" <bruno@xxxxxxxxxxxxxx>]

2009/1/8 Brian Mearns <mearns.b@xxxxxxxxx>

On Thu, Jan 8, 2009 at 9:23 AM, Eric Covener <covener@xxxxxxxxx> wrote:
> On Thu, Jan 8, 2009 at 8:45 AM, Brian Mearns <mearns.b@xxxxxxxxx> wrote:

>> Is that possible if I want to serve both secure and unsecure (80 and
>> 443)? If I just setup my root configuration (i.e., not in a vhost) to
>> listen on port 80 and 443 and turn on the SSL engine, then all the
>> content will be encrypted, won't it?
>
> No, you can turn on SSL in a single virtualhost (<virtualhost *:443>)
> and serve non-SSL from either the "base" server or another virtual
> host (<virtualhost *:80>)

It's nice. I've been setup today two HTTPS connections with the same certificates, using two hosts. But I don't care so much because we use it just for encryption.

But I just ask: how apache "knows" what's the right private key without the performance cost of loading/trying each key?? Remembering that before decrypting it apache don't know what's the right vhost
 

As I thought. So it looks like I'm falling back to my original
solution of using two servers and proxy rewrites...

Thanks,
Brian

--

Feel free to contact me using PGP Encryption:
Key Id: 0x3AA70848
Available from: http://pgp.mit.edu/

---------------------------------------------------------------------

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx

-- 
Bruno Moreira Guedes <bruno@xxxxxxxxxxxxxx>
e-comBR - Depto. Infra-Estrutura
Fone: (049) 3328-4065
Chapecó-SC