Please separate your reply from the quoted text... And I never intended this to turn into an in-depth discussion, I just wanted the OP to know that it was possible to do name-based SSL vhosting on apache with a single IP...
On 2010-05-29 10:02 AM, Jean-Pierre van Melis wrote: >> Well, in my initial comment I did leave out one other (seemingly >> obvious) aspect - the only way to use name based virtual hosts on a >> single IP is with a single cert with multiple names - which means >> a self-signed cert - and it is this that causes you to lose the >> auth aspect to SSL (no way to prove you are who you claim to be). > You deliberately downplay the importance of the "auth aspect" (as you > call it) and thereby redefine "a certified connection". No, I didn't 'downplay' it - I merely pointed out the difference between securing the connection, and proving who you are - as I said, two *different* aspects to the use of an SSL cert. > I don't consider it "an aspect" but part of the definition of a > "secure connection". Then self-signed certs aren't for you. Fine. Bu that doesn't mean that others cannot benefit from such techniques. As I said, it depends on the purpose/use, and your needs/wants... If you are hosting a secure shopping cart, then using self-signed certs isn't a (practical) option. But if you are hosting lots of different domains, and only need to provide encrypted connections for web based management tools and/or email connections, this is a viable option - it works just fine, and provides 100% secure connections (secure meaning from port sniffers). Again, the only downside is, because the cert is self-signed, it is NOT 'verified' by a 3rd party. This is very important for certain use cases, and may be important to some for other/all use cases. Regardless, the fact is, it is very easy to do name-based virtual hosts over SSL on a single IP. -- Best regards, Charles ------------------------------------------------------------------------------ _______________________________________________ Assp-test mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-test
