Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 21 Sep 2000 13:00:24 -0400 (EDT)
From:      Jim Flowers <jflowers@peony.ezo.net>
To:        James Housley <jim@thehousleys.net>
Cc:        Neil Blakey-Milner <nbm@mithrandr.moria.org>, freebsd-isp@FreeBSD.ORG
Subject:   Re: named virtual hosts
Message-ID:  <Pine.BSF.4.21.0009211242560.56056-100000@peony.ezo.net>
In-Reply-To: <39CA3425.BA0E4B4@thehousleys.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
OTOH, you can use the same IP# and unique ports (443. 444, 445 etc).  Just
assign an alias IP# to your interface and direct unsecure access to one
IP# with named hosts and secure access to the alias.  For example:

www.wondershop.com A xxx.xxx.xxx.19
my.secure.server.com A xxx.xxx.xxx.20
secure.wondershop.com CNAME my.secure.server.com.

then

<VirtualHost xxx.xxx.xxx.20:445>
DocumentRoot "/home/vhosts/wondershop.com/secure"
ServerName "secure.wondershop.com"

etc.

The named hosts require:

NameVirtualHost xxx.xxx.xxx.19

But otherwise work as documented.

All your really have to do is configure dns to get the packets there, do
named virtual hosts on one IP# (even mass virtual hosts) and separate the
SSL on the other IP# with unique ports.

Jim Flowers <jflowers@ezo.net>
#4 ranked ISP on C|NET #1 in Ohio

On Thu, 21 Sep 2000, James Housley wrote:

> Neil Blakey-Milner wrote:
> > 
> > On Wed 2000-09-20 (18:35), Tony Finch wrote:
> > > Steve Price <sprice@hiwaay.net> wrote:
> > > >
> > > >NameVirtualHost 192.168.21.21
> > > ><VirtualHost 192.168.21.21>
> > > ></VirtualHost>
> > > ><IfDefine SSL>
> > > > <VirtualHost 192.168.21.21:443>
> > > > </VirtualHost>
> > > ></IfDefine>
> > >
> > > You can't do SSL with name-based virtual hosts.
> > 
> > Why not?
> > 
> The SSL specification does not allow it. 
> https://www.thawte.com/support/server/apachessl.html and look at #8
> 
> Jim
> -- 
> Hi! I'm a .signature virus! Copy me in your ~/.signature
> to help me spread!             <- Save this lifeform ;-)



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0009211242560.56056-100000>