>> gold star to the first person to describe *why* name-based hosting >> doesn't work with SSL. MP> I actually dont remember that well, but I want that gold star! If memory MP> serves, its because the SSL handshake (and key exchange) takes place before MP> the client passes the host: header to the server. Thus the server wouldnt MP> know which key/cert to use with the client because it doesnt yet know which MP> site the client is trying to retrieve. All the server knows prior to the SSL MP> handshake is the IP and port that the client is connecting to. So, MP> name-based virthosting doesnt really work out so hot with SSL. Ding! Ding! Ding! You and Dave Warren can collect your gold star here: http://metalliccharm.homestead.com/files/MWXYZbcde01_AwdGolStr.gif Work is going on to remedy this situation using the "upgrade" header: http://www.zvon.org/tmRFC/RFC2817/Output/ regards, -joe
- Re[2]: Web certificate pricing? William X. Walsh
- Re[2]: Web certificate pricing? William X. Walsh
- Re[2]: Web certificate pricing? Joseph McDonald
- List mirrored on news server? Colin Viebrock
- Web certificate pricing? OpenSRS
- Re: Web certificate pricing? Mark Jeftovic
- Re: Web certificate pricing? bill
- Re: Web certificate pricing? Dave Warren
- Re: Web certificate pricing? Allen Bolderoff
- Re: Re[3]: Web certificate pricing? Matt Prigge
- Re[2]: Web certificate pricing? Joseph McDonald
- Re[2]: Web certificate pricing? William X. Walsh
- Re[3]: Web certificate pricing? Joseph McDonald
- Re: Re[3]: Web certificate pricing? Dave Warren
- RE: Web certificate pricing? Jeremy Anthony Kinsey
- RE: Web certificate pricing? Darryl Green
- Re[2]: Web certificate pricing? Sergei Kolodka
- Re[2]: Web certificate pricing? Jonathan Wray
- Re[3]: Web certificate pricing? William X. Walsh
- Re: Web certificate pricing? Mark
- Re: Web certificate pricing? ca-lists
