Sergei Kolodka <[EMAIL PROTECTED]> said:
> >> It is a requirement of the SSL protocol that it cannot share the same
> >> IP address and port combination.
>
> BG> The cert is tied to the domain name not the IP address.
>
> BG> I'm not sure I understand what you are saying. The web server can't
> BG> tell the difference between a user typing https://somesite into their
> BG> browser versus selecting a link to https://somesite from a web page.
>
> >From mod_ssl docs:
>
I was going to post that myself, but I thought I may have missed the context.
However both comments are essentially right. The cert /is/ tied to the domain
name, not the IP address. But the cert also /has/ to be tied to a dedicated
IP address, with the sole exception of the request being made using a
different port number, which has to be explicitly requested by the user. This
ultimately because of a built-in "limitation" of SSL, in that the SSL
handshake process needs to be negotiated at a lower lever than name based
hosting.
> BG> Apache has no problem with name-based virtual hosting and SSL.
> BG> We do it all the time.
>
> Bill, anyone, please explain, how you do that ?
> Just in few words, to show the way.
>
Simple, use a different IP address or port in your VirtualHost blocks.
adam
