how do you accomplish the second part of step 1?
the data stream is encrypted and the decryption mechanism
exists on the server that handles that IP address.
that is the same reason that name based virtual hosts do not work.
the name is in the encrypted data stream. the name cannot be
decrypted until it is given to the correct process that has access to
the decryption key. we dont know which one that is until it is
decrypted. catch 22.
cliff rayman
genwax.com
Blair Lowe wrote:
> Just some crazy ideas:
>
> 1. Have the webserver behing the firewall, and have a separate
> private (eg. 192.168.x.x) IP address for each virtual host. This
> solves the problem of having to have multiple Internet addresses.
>
> Make the firewall, or some DMZ box translate the incomming request
> for a.domain.at:443 to the private IP address.
>
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
