Am 16.07.2010 11:15, schrieb Pierre Schmitz: > Didn't we have a discussion about this soem time ago? Point 1) is > simply not true. A SNI compatible client is not needed here. (at least > if you haven't altered the ssl config)
If I remember correctly, it is correct. Fact is that lighttpd can do it without SNI, but Apache can't. Apache needs to know which vhost to consider before being able to set up SSL, as SSL is not a global setting, but bound to the vhost. If SNI is not needed, then there is some _undocumented_ Apache magic: Maybe, apache chooses the default vhost, then sees it is on the wrong vhost, and switches the context again ... this will work if both vhosts use the same certificate. As I said, Apache documentation explicitly states that this is not possible.
signature.asc
Description: OpenPGP digital signature
