John,
With Stronghold 3 (a MOD_SSL derivative) on Apache 1.3.19. You can use IP
based NameVirtualHosts with SSL.
NameVirtualHost ipx:443
<VirtualHost ipx:443
ServerName www.servera.com
...
<SSL info> for www.servera.com
....
</VirtualHost>
<VirtualHost ipx:443
ServerName www.serverb.com
....
<SSL info> for www.serverb.com
....
</VirtualHost>
NameVirtualHost ipy:443
<VirtualHost ipy:443
ServerName www.serverc.com
....
<SSL info> for www.serverb.com
....
</VirtualHost>
Restrictions:
- ipx must resolve to a NIC on the local machine and the local machine
must
be able to resolve ipx to www.servera.com and www.serverb.com.
- all requests for www.servera.com and www.serverb.com must come in on
ipx.
- ipy must resolve to a NIC on the local machine and the local machine
must
be able to resolve ipy to to www.serverc.com.
- all requests for www.serverc.com must come in on ipy.
- the certificate for www.servera.com must be for www.servera.com
- the cetrificate for www.serverb.com must be for www.serverb.com
- the certificate for www.serverc.com must be for www.serverc.com
This appears to be a change in the Apache 1.3.19 version. I'm using this on
Stronghold 3. Although, I have not tried it on MOD-SSL, I'm under the
impression that this will work with MOD-SSL on Apache 1.3.19 and beyond.
regards,
David Marshall
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Friday, July 20, 2001 2:00 AM
To: [EMAIL PROTECTED]
Subject: RE: http and https, same instance
> -----Original Message-----
> From: Christopher Piggott HOME [mailto:[EMAIL PROTECTED]]
> Sent: 19 July 2001 16:49
> To: [EMAIL PROTECTED]
> Subject: http and https, same instance
>
>
> Is it reasonable to expect to run some http and some https
> traffic on the
> same instance of apache 1.3 ?
>
If you mean running name based virtual hosts on port 80 (http) and a single
host on port 443 (https), the answer is of course, and we do that ourselves!
Just to clarify, you can't use name based hosts for secure sites. They are
OK for non-secure sites. There is one exception that is probably of very
little use to anyone.
-
John Airey
Internet Systems Support Officer, ITCSD, Royal National Institute for the
Blind,
Bakewell Road, Peterborough PE2 6XU,
Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]