On Mon, 18 Mar 2002, Wayne Bollinger wrote:
> [warn] Init: You should not use name-based virtual hosts in conjunction > with SSL!! > > Apparently, a distinct IP address is needed for every SSL-based virtual > host. There's a discussion on this here: > > http://www.mail-archive.com/[email protected]/msg12130.html The reason is simple enough to understand. The certificate is presented prior to encryption being enabled, and the virtual host being queried is not known until the first request headers are sent from client to server, and that isn't done until after encryption is already enabled (you want the request to be protected in transit). -- Charlie Brady [EMAIL PROTECTED] Lead Product Developer Network Server Solutions Group http://www.e-smith.com/ Mitel Networks Corporation http://www.mitel.com/ Phone: +1 (613) 368 4376 or 564 8000 Fax: +1 (613) 564 7739 -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
