Magnus Stenman wrote:
> ----- Original Message -----
> From: "Dale M. Boresz" <[EMAIL PROTECTED]>
> To: "Orion-Interest" <[EMAIL PROTECTED]>
> Sent: Saturday, September 30, 2000 5:15 AM
> Subject: SSL w/ virtual domains really possible?
>
> <snip />
> > I don't have any problem getting SSL to work. The problem is that with
> > multiple certs and multiple virtual domains, all domains continue to use
> > the same single cert - that one being the last one imported into the
> > keystore. I don't understand by what mechanism the virtual domain is
> > associated with a particular cert.
> <snip />
>
> HTTPS is HTTP on top of SSL. The 'on top of' part is the important thing
> here. The client first connects on the socket level and negotiates the
> secure connection. This includes identifying which certificate the server
> uses etc. When this is done the client sends the HTTP request, this includes
> the host (site) that it wants to access. Hence it is impossible to use
> different certs for virtual hosts using the same IP and port. This is a
> HTTPS limitation, not Orion limitation.
>
> As for posting to this forum; as Karl already said: it is an unsupported
> user to user forum. That does not prevent it from being useful of course, a
> lot of users get helped in here. We will write up a short document on OI
> guidelines since the current info doesnt seem to suffice. It will also be
> covering stuff like not posting attachments to the list (use a link instead)
> and so on.
>
> Even if you do mail info@ you cannot rely on getting a response unless
> you're a customer (which use support@ and specify their customer info etc).
> It depends on how tight a schedule we're on, and these days it's pretty
> tight. We're expanding with a support staff soon hopefully but even then
> paying customers have to be prioritized, which I'm sure you understand.
>
> Have a nice day!
>
> /Magnus Stenman, the Orion team
Magnus,
Thanks very much for the response, and I apologize for trying to flag you down
via the group. I understand the tight schedule you guys must be under, and that
responses must be prioritized.
Thanks again,
-Dale
