Scott Goodwin wrote: > Set up your NIC adaptor with two separate IPs. Then one nsopenssl module > can listen on 192.168.10.10:443 and the other on 192.168.10.11:443. > One AOLserver process can run two nsopenssl modules at the same time, you > just have to make the second one have a different name, as you said, both > in the nsd.tcl file and in the /bin dir. I have our second one called > nsopenssl2 in nsd.tcl and I've created a hardlink from /bin/nsopenssl > to /bin/nsopenssl2.
Peter M. Jansson wrote: > You will need to use 2 separate IP addresses, because HTTP over SSL > establishes the connection, exchanges certificates, and then starts the > HTTP stuff -- this means that the name for the IP must match the > certificate, and you don't yet know the virtual host being served. This > is a problem for all HTTP servers at this time. Thanks, Scott, Peter! I ended up setting up two IPs as you both suggested, and having a single AOLserver instance listening on two different nssock (ie, enabling port 80 on both servernames) and two different nsssle modules (ie, enabling port 443 on both servernames), with separate module names and separate copies of the binaries, as Scott mentioned. This worked perfectly. Thanks again, Nuno
