Re: do i need a dedicated ip address for https?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On December 22, 2010 02:05:26 am Tony Mountifield wrote:
> The thing you CAN'T do is to have name-based virtual hosting with multiple
> domains on a single IP address, with more than one of them using SSL.
> Name-based virtual hosting relies on the HTTP Host: header to identify
> which virtual host is being accessed. But under SSL, the headers are
> not sent until the encrypted SSL channel has been set up. So the only
> way the server can know which certificate to use is by the IP address
> on which the request is recieved. So multiple SSL sites on a single
> box MUST each have their own IP address.

Nowadays certificates can contain Subject Alternate Names and work for multiple 
domains. You can also get a wildcard addresses for *.yourdomain.com. Both 
mechanisms work fine for modern web browsers; maybe not so much for other SSL-
oriented tools, though. 
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux