https://issues.apache.org/bugzilla/show_bug.cgi?id=56353
--- Comment #4 from [email protected] --- > Can you perhaps give more details on the rationale for such a setup? I thought it's pretty obvious, but I can give you some details: We have a server running with a default wildcard-certificate for *.schokokeks.org. So basically first we have a number of vhosts that share this certificate (config.schokokeks.org, webmail.schokokeks.org etc) and don't need any SNI at all. Then we have a large number of customer vhosts on other domains. Some of those have their own certificate, so it gets added to the vhost via SNI. But obviously, not everyone gets his own certificate, so there are also a number of domains that don't have a valid certificate at all. However, we still make these hosts available through https, so the customers can add exceptions to their browser if they want to privately access the page via https. I could obviously add the default certificate to every vhost that doesn't have its own. But this would blow up the configuration a lot for no gain and adds unneccesarry complexity. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
