From owner-freebsd-questions@FreeBSD.ORG Wed Mar 10 06:18:48 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D130116A4CE for ; Wed, 10 Mar 2004 06:18:48 -0800 (PST) Received: from watcher.puryear-it.com (unknown [69.2.39.107]) by mx1.FreeBSD.org (Postfix) with ESMTP id A25D143D31 for ; Wed, 10 Mar 2004 06:18:48 -0800 (PST) (envelope-from dap99@i-55.com) Received: from localhost (unknown [127.0.0.1]) by watcher.puryear-it.com (Postfix) with ESMTP id 434C034D1F; Wed, 10 Mar 2004 08:11:28 -0600 (CST) Received: from watcher.puryear-it.com ([127.0.0.1]) by localhost (watcher.puryear-it.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 17352-03; Wed, 10 Mar 2004 08:11:27 -0600 (CST) Received: from yourqqh4336axf (localhost [127.0.0.1]) by watcher.puryear-it.com (Postfix) with SMTP id 111E534D1E; Wed, 10 Mar 2004 08:11:27 -0600 (CST) Message-ID: <020701c406aa$6285cf40$6401a8c0@yourqqh4336axf> From: "adp" To: "Saint Aardvark the Carpeted" References: <008a01c404ae$24557f20$6401a8c0@yourqqh4336axf> <20040309040336.GD24522@hardesty.saintaardvarkthecarpeted.com> Date: Wed, 10 Mar 2004 08:05:03 -0600 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2720.3000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2727.1300 X-Virus-Scanned: by amavisd-new cc: questions@freebsd.org Subject: Re: Jails and SSL.. X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Mar 2004 14:18:48 -0000 > > use SSL for several sites. With SSL we have to define one IP per site. Jails > > only have one IP. Is there a way around this other than just having one jail > > per SSL site? (I'd rather not do that!) > > Something I think I'm going to end up doing is running two jails: one > for http, one for https. You can bind jails to local addresses (say, > 127.0.0.3), and then use either natd or ipfw to forward different ports > to the appropriate jail. Is this possible though? I wonder if I can get Apache to listen and RESPOND FOR several SSL sites on one IP, even though externally I'm mapping several public IP's to that one IP used by the jail/Apache. I plan on trying this later this week. Has anyone already tried this though? If so, what was your experience. It's a great idea if it works!