----- Original Message -----
From: "Dale M. Boresz" <[EMAIL PROTECTED]>
To: "Orion-Interest" <[EMAIL PROTECTED]>
Sent: Saturday, September 30, 2000 5:15 AM
Subject: SSL w/ virtual domains really possible?
<snip />
> I don't have any problem getting SSL to work. The problem is that with
> multiple certs and multiple virtual domains, all domains continue to use
> the same single cert - that one being the last one imported into the
> keystore. I don't understand by what mechanism the virtual domain is
> associated with a particular cert.
<snip />
HTTPS is HTTP on top of SSL. The 'on top of' part is the important thing
here. The client first connects on the socket level and negotiates the
secure connection. This includes identifying which certificate the server
uses etc. When this is done the client sends the HTTP request, this includes
the host (site) that it wants to access. Hence it is impossible to use
different certs for virtual hosts using the same IP and port. This is a
HTTPS limitation, not Orion limitation.
As for posting to this forum; as Karl already said: it is an unsupported
user to user forum. That does not prevent it from being useful of course, a
lot of users get helped in here. We will write up a short document on OI
guidelines since the current info doesnt seem to suffice. It will also be
covering stuff like not posting attachments to the list (use a link instead)
and so on.
Even if you do mail info@ you cannot rely on getting a response unless
you're a customer (which use support@ and specify their customer info etc).
It depends on how tight a schedule we're on, and these days it's pretty
tight. We're expanding with a support staff soon hopefully but even then
paying customers have to be prioritized, which I'm sure you understand.
Have a nice day!
/Magnus Stenman, the Orion team
