On Fri, 26 Sep 2003, Mike Fischer wrote:Sam Stickland wrote:
Out of interest, why are you alloacting an IP address per VirtualHost?SSL. Can't run SSL on VirtualHosts without an assigned IP-Address.You /can/ run multiple SSL sites on the same IP. Just that you cannot have a proper /certficate/ for more than one.
Yes and this way you hinder all progress people are trying to make in setting up proper security procedures (and getting users to be aware of them).
Certificates are completely useless unless used with the corresponding server. Anything else would be like everyone from one family sharing the same ID-card with the grandfathers photo on it. Only the cops don't just click away one pesky window...
Let's not argue about this. I'm glad for your shared wisdom and that I didn't have to find out the hard way about the IPROOT cap. And I promise not to waste so many IP-addresses.
Company has it's own root-CA. It's sufficient for what SSL is currently being used for.Hope not everyone will want SSL access.Unless they are willing to pay SEVERAL HUNDRED DOLLAH extra for the signed certificate, they're hardly going to be wanting SSL...
Thanks for the help.
Regards, Mike
