On Oct 18, 2009, at 1:06 AM, Stefan de Konink wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > Michiel van Es schreef: >> Just out of curiousity: >> If I get it right, SSL virtual hosting in Cherokee is only >> available if: >> >> - You use a really recent OpenSSL version (self compiled or the >> latest >> or use Fedora/FreeBSD - most known Linux distro's won't have the >> OpenSSL >> with SNI build in). > > Since SNI is there for many years the above staments is /really/ > invalid.
Yes but not many distro's use it yet. I think Ubuntu Jaunty (the one I use use it: r...@pcintelw01:~# openssl version OpenSSL 0.9.8g 19 Oct 2007 https://launchpad.net/ubuntu/jaunty/+source/openssl/+changelog (search for tlsext) right? > >> - Your clients have to use at least Vista or a recent Firefox (most >> big >> organizations still use Windows 2000/XP and IE 7 but not the Vista >> IE 7 >> of even Windows 7) > > It has to be > IE6; the rest all supports it. And even if you use IE6 > you will only get the nag screen, everything still works as expected. customers hate nag screens ;) > >> I heard a couple of months a go that it would be perhaps possible to >> implement the 'old' version of virtual hosts with unique ip- >> adresses and >> use their own SSL certs/keys. Or at least cherokee project was >> thinking >> about offering the old SSL virtual hosting. >> Is this still going to be implemented or is cherokee the only >> webserver >> forcing users to use SNI or run multiple cherokee instances (what is >> waste of resources) ? > > I guess such things are always possible, and might get a speedup if > organisations that require this behavior get support contracts ;) That's gonna be a big one..but we'll see:) Another question if I get openssl with tlsext enabled: 1) how do I cehck it with the openssl command that I really have it? 2) how do I set up ssl virtual hosting? Michiel > > > > Stefan > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.11 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iEYEAREKAAYFAkraThAACgkQYH1+F2Rqwn3mvACcCDqt0PEVC1pNtKaatW0zOoMb > a9gAn0zUdUzO9Re7vdC/4xIK8oLl4Be2 > =Xe0o > -----END PGP SIGNATURE----- _______________________________________________ Cherokee mailing list [email protected] http://lists.octality.com/listinfo/cherokee
