On Thu, 21 Nov 2002, Alex Povolotsky wrote: > Hello! > > I'm running FreeBSD, and apache/mod_ssl with virtual hosts in jailed environment. >Jail means that I can have only one IP address for apache, ipfilter's ipnat is used >to multiplex several external IPs. > > I also need to support https virtual hosts, and here my troubles begins. > > Of course, I could not use pure name-based virtual hosts, and I even understand, why. > > What's a bit worse, that I seems to be unable to obtain data from /dev/ipl from >inside the jail.
It sounds like yer jail is lacking the libs and devices for this access. Now, whether or not your jail will be safe if you move what's required to get this to function within the jail is another matter you will have to determine after setting up a working jailed testbed with those items. lsof and various other tools are you friend in this endeavor. One of the recent system admin editions had a good article on how to work through the process of setting up jailed applications I think it was the last months or two months back edition. > > Maybe someone can guide me towards proper proxy? Things like mod_real_ip should not >help much, and I'm still trying to make pound (http://www.apsis.ch/pound/) to work. > > Having received https connection via some proxy, how can I pass SSL variables by the >easiest way? > > Thanks, Ron DuFresne -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ admin & senior security consultant: sysinfo.com http://sysinfo.com "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart testing, only testing, and damn good at it too! ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
