Ian G wrote:[...]
But the Apache web server still insists on presenting only one certificate (even though it has accepted the various other SSL sites in the vhosts config). Why that is is another story, but there is one furfie I noticed with Firefox in this:
read the apache documentation ;) it tells you the reason in detail why the apache always delivers only one cert...
Well, read the thread here first !
Nelson described how 'SSLv3/TLS only' SSL handshake (but not the SSLv2 compatible handshake method) supports sending the identification of the server the client intends to talk to.
But is it enough to disable SSLv2 to make Firefox send a SSLv3 only handshake with that info ? And if it does, does mod_ssl implement reading it to dispatch to the correct virtual host ? Both are doubtful.
_______________________________________________
mozilla-crypto mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-crypto
