Bertrand Delacretaz wrote: > > http and https use different port numbers, so you will need two > virtual hosts if you want to serve parts of your site without SSL. > > IMHO a clean way of doing this is to use different hostnames, like > https://apps.mydomain.com and http://files.mydomain.com - this helps > avoid any confusion about what's secure and what's not. > > -Bertrand
Note, that in that case one would have to ensure that the hostname for https is not an alias. Otherwise, the reverse lookup of the ip address for the alias would reveal another hostname than the one in the certificate. Cheers, Thomas -- -------------------------------------------------- Dr. Thomas Soddemann | Boltzmannstrasse 2 Projects Engineer | 85748 Garching Rechenzentrum der MPG | Germany am MPI fuer Plasmaphysik | --------------------------------------------------- phone: +49 89 3299 2694 | fax: +49 89 3299 1301 --------------------------------------------------- --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
