I had been looking at using multiple certs with name-based hosting,
and was wondering how you do it. Now that I know you can't, I'm
somewhat disappointed... but I had an idea :)
Is it possible to use mod_rewrite in apache to redirect requests
to the appropriate virt-host directory AFTER the SSL handshake has
taken place? Be very useful if this can be pulled off...
Kirk
----- Original Message -----
From: "Dave Warren" <[EMAIL PROTECTED]>
To: "Csongor Fagyal" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Saturday, April 14, 2001 6:22 AM
Subject: Re: R: Secure Certificate Installed
> > Actually it might seem annoying at first, but very useful OTOH. Https is
> an
> > http "stream" through an encrypted channel. If you use https, even your
> > URL-s are encrypted. This is very important, as one might chose to send
> > to-be-secured data put in the URL. OR, you might want to keep secret
that
> > your admin page is at monkey.whatever.com, so others don't even know
where
> > to try hacking into your system. When there's an https request
generated,
> > first the secured tunnel is built up - just like a regular TCP
> connection -
> > and only after that is when your client starts to send the request data.
>
> I agree 100% it's a good design. It limits the use of name based vhosts,
> but that's life if you want security.
>
>
> ========================================================
> Dave Warren,
> Email: [EMAIL PROTECTED]
> Pager: [EMAIL PROTECTED]
> ========================================================
>
