Sure, often with ISPs you get secure server access, and you can either use
their certificate, or purchase your own from Verisign, etc.
So, if you are using a shared certificate, even though your non-secure
domain could be http://www.yourdomain.com, your secure domain would be
https://www.myisp.com/~yourdomain/.
Thus, you can't share cookies between your HTTP and HTTPS by default.
Neal
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Robert Krueger
> Sent: Tuesday, June 20, 2000 11:37 AM
> To: Orion-Interest
> Subject: RE: Sessions And SSL
>
>
> At 11:03 20.06.00 , you wrote:
> >Sessions tracking is based on cookies, so if your two domains (http and
> >https) aren't the same (i.e. using a shared SSL certificate) then you'll
> >lose your state.
>
> could you elaborate what you mean by "shared" SSL certifcate? why
> would the
> http url be associated with a certificate?
>
> regards,
>
> robert
>
>
>
> (-) Robert Kr�ger
> (-) SIGNAL 7 Gesellschaft f�r Informationstechnologie mbH
> (-) Br�der-Knau�-Str. 79 - 64285 Darmstadt,
> (-) Tel: 06151 665401, Fax: 06151 665373
> (-) [EMAIL PROTECTED], www.signal7.de
>
