Re: Can't have SSL with multiple domain names on a single server...

[Richard Levitte - VMS Whacker]

From: "Nicolas Roumiantzeff" <[EMAIL PROTECTED]>
Subject: Re: Can't have SSL with multiple domain names on a single server...
Date: Mon, 21 Feb 2000 09:33:21 +0100
Message-ID: <002001bf7c46$4fc48f60$[EMAIL PROTECTED]>

nicolasr> >Nope, the host name is strictly part of the HTTP headers, and not
nicolasr> >available until after the SSL connection has been made.
nicolasr> 
nicolasr> 
nicolasr> The IP address is available though. You could do a reverse
nicolasr> DNS lookup to get the server name.

That doesn't help if the multiple domain web sites are implemented
through CNAMEs, which is common practice these days with all the
current common restrictions on the use of IP addresses.

nicolasr> But you would have to gess if the user uses  an URL with the
nicolasr> server name or with the IP address directly.

At the SSL level, you have to do that anyway, since all you have is
the peer address that you do a reverse lookup on...

-- 
Richard Levitte   \ Spannv�gen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken  \ S-161 43  BROMMA  \ T: +46-8-26 52 47
                    \      SWEDEN       \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis             -- [EMAIL PROTECTED]

Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]