From owner-freebsd-questions@FreeBSD.ORG  Fri Apr 30 13:09:40 2004
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 53EFC16A4CE
	for <freebsd-questions@freebsd.org>;
	Fri, 30 Apr 2004 13:09:40 -0700 (PDT)
Received: from mail.elvandar.org (cust.94.120.adsl.cistron.nl [195.64.94.120])
	by mx1.FreeBSD.org (Postfix) with ESMTP id B4C0B43D5E
	for <freebsd-questions@freebsd.org>;
	Fri, 30 Apr 2004 13:09:39 -0700 (PDT)
	(envelope-from remko@elvandar.org)
Message-ID: <4092B268.1010307@elvandar.org>
Date: Fri, 30 Apr 2004 22:09:12 +0200
From: Remko Lodder <remko@elvandar.org>
X-Accept-Language: en-us, en
MIME-Version: 1.0
Cc: FreeBSD Questions <freebsd-questions@freebsd.org>
References: <20040430051944.GA28108@skytrackercanada.com>
	<20040430103917.GA7205@lb.tenfour> <409232EE.6020800@elvandar.org>
	<Pine.GSO.4.58.0404301222110.23544@mail.ilrt.bris.ac.uk>
In-Reply-To: <Pine.GSO.4.58.0404301222110.23544@mail.ilrt.bris.ac.uk>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: by amavisd-new at elvandar.org
Subject: Re: two domain names - one IP - both SSL
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Apr 2004 20:09:40 -0000

Heya,

> 
> 
> Your HTTP client is broken and isn't checking SSL certificates
> correctly? Or you didn't meet the "one IP" requirement of the original
> poster. Or you served up the same SSL certificate for every vhost.

Well it's not a real cert. indeed, i cannot afford that, and true, it's 
the same certificate for every vhost i used.

> 
> HTTPS establishes an SSL connection with the server prior to _any_ HTTP
> conversation. Since SSL requires a certificate which is linked to the
> server host name, and the virtual host name hasn't been transmitted by
> the client yet, there's no way short of ESP for the server to tell which
> SSL certificate to use. There's a detailed explanation on the apache
> website; but this isn't an apache failing so much as a general issue
> with HTTP/SSL.

Well, i keep wondering then how i got my secure webmail online, secure 
ids viewing etc. (different hostnames on the same ip adres, (i only have 
one ip addr)).



> 

-- 
--

Kind regards,

Remko Lodder
Elvandar.org/DSINet.org
www.mostly-harmless.nl Dutch community for helping newcomers on the 
hackerscene