Although I'm sure that most people get quite bored and frustrated about questions on virtual hosting that have appeared countless times in the archives I don't think I've ever noticed what I was wondering being answered.
If you had a wildcard certificate which worked for *.domain.com, would name virtual hosting be possible then assuming that all your virtual hosts were things like "secure.domain.com" and "basket.domain.com" as they are actually all using the same wildcard certificate for the SSL handshake. If anyone could answer that, it would be great and potentially save some messing when it comes to IP addresses. Cheers JB -----Original Message----- From: Dave Paris [mailto:[EMAIL PROTECTED] Sent: 21 August 2003 04:59 To: [EMAIL PROTECTED] Cc: Ian Newlands Subject: Re: virtual hosting geeze. is it that time of the month already for this question? seems like it was just yesterday when it was asked last .. maybe I'm just thinking of the other 100,000 times it was asked. in all seriousness, this dead horse has been beaten so many times on this list there isn't even a carcass left to hit at this point. please go dig through the mail list archives to see why name-based virtual hosts don't work with SSL. yes, that's a flippant answer. no, you're not likely to get a reply any more serious. -dsp On Wednesday, Aug 20, 2003, at 22:09 US/Eastern, Ian Newlands wrote: > I am currently running about 15 virtual hosts using name based on port > 80, and 1 virtual host using SSL. > > My SSL host is currently working with the following: > > <VirtualHost _default_:443> > > However I want to change this to the IP based hosting for this host, > allowing me to then add more SSL based virtual hosts on this setup, so > I tried changing this to the following: > > <VirtualHost 203.xxx.xxx.xxx:443> > > By doing this my SSL virtual host stops working altogether. > > I try the following to debug it on a remote machine: > > # openssl s_client -connect 203.xxx.xxx.xxx:443 > CONNECTED(00000003) > 27604:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown > protocol:s23_clnt.c:475: > > I do the exact same thing on the local machine and it responds with a > valid SSL response. > > Can anyone suggest might be wrong here? > > Regards, > > Ian Newlands > > _________________________________________________________________ > Hotmail is now available on Australian mobile phones. Go to > http://ninemsn.com.au/mobilecentral/signup.asp > > ______________________________________________________________________ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] This email has been scanned for all viruses by the MessageLabs SkyScan service. ********************************************************************************** This email and any files transmitted with it are confidential, and may be subject to legal privilege, and are intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error or think you may have done so, you may not peruse, use, disseminate, distribute or copy this message. Please notify the sender immediately and delete the original e-mail from your system. Computer viruses can be transmitted by e-mail. Recipients should check this e-mail for the presence of viruses. The Capita Group and its subsidiaries accept no liability for any damage caused by any virus transmitted by this e-mail. *********************************************************************************** ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
