On 24 Jan 2006, at 14:30, michael nt milne wrote:
I've got a few Plone sites set-up using Apache through Zope. The
question is, I'd like to implement SSL on the site login etc, as
it's not secure without this. There's also one site I'd like to
serve completely over https. However. I'm told that you can't run
SSL on virtual hosts and can only have once SSL site per IP address.
What would be the way round this? I know I could set-up SSL on Zope
only using the following documentation:
but if I can't carry this through to Apache then I'd have to run
Zope as the web server as well as the application server.
You can run SSL on virtual hosts, but Apache cannot present different
server certificates to the browser based on virtual hosts. So every
virtual host with a hostname that does not match the certificate
Apache presents on the IP will produce nasty popup boxes on clients.
To prevent those warnings you *must* use separate IPs for every SSL-
secured hostname you plan on serving, so the statement "one SSL site
per IP" is basically correct.
I don't know if making Zope serve out SSL directly helps that (I
doubt it) because I wouldn't consider using it.
Zope maillist - Zope@zope.org
** No cross posts or HTML encoding! **
(Related lists -