On Thu, Jan 8, 2009 at 9:56 AM, Bruno - e-comBR <bruno@xxxxxxxxxxxxxx> wrote: > > > 2009/1/8 Brian Mearns <mearns.b@xxxxxxxxx> >> >> On Thu, Jan 8, 2009 at 9:23 AM, Eric Covener <covener@xxxxxxxxx> wrote: >> > On Thu, Jan 8, 2009 at 8:45 AM, Brian Mearns <mearns.b@xxxxxxxxx> wrote: >> >> Is that possible if I want to serve both secure and unsecure (80 and >> >> 443)? If I just setup my root configuration (i.e., not in a vhost) to >> >> listen on port 80 and 443 and turn on the SSL engine, then all the >> >> content will be encrypted, won't it? >> > >> > No, you can turn on SSL in a single virtualhost (<virtualhost *:443>) >> > and serve non-SSL from either the "base" server or another virtual >> > host (<virtualhost *:80>) > > It's nice. I've been setup today two HTTPS connections with the same > certificates, using two hosts. But I don't care so much because we use it > just for encryption. > > But I just ask: how apache "knows" what's the right private key without the > performance cost of loading/trying each key?? Remembering that before > decrypting it apache don't know what's the right vhost In the case of name-based virtual hosts it doesn't select from them at all. In the case of distinct ip:port combinations, Apache has been explicitly directed via the config about which private key is to be used for each ip:port combination. -- Eric Covener covener@xxxxxxxxx --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|