From owner-freebsd-isp  Tue Oct  9  7: 6:25 2001
Delivered-To: freebsd-isp@freebsd.org
Received: from stuff.webintl.com (ns.webintl.com [209.248.144.5])
	by hub.freebsd.org (Postfix) with ESMTP id C663F37B405
	for <freebsd-isp@freebsd.org>; Tue,  9 Oct 2001 07:06:23 -0700 (PDT)
Received: from [192.168.123.20] (adsl-66-136-237-161.dsl.ltrkar.swbell.net [66.136.237.161])
	by stuff.webintl.com (8.9.3/8.9.3) with ESMTP id JAA28925
	for <freebsd-isp@freebsd.org>; Tue, 9 Oct 2001 09:06:22 -0500
Mime-Version: 1.0
X-Sender: freebsd@mail.webintl.com
Message-Id: <a05100301b7e8b4ca5825@[192.168.123.20]>
Date: Tue, 9 Oct 2001 09:06:20 -0500
To: freebsd-isp@freebsd.org
From: Albert Everett <freebsd@webintl.com>
Subject: ssl web sites and jail
Content-Type: text/plain; charset="us-ascii" ; format="flowed"
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-isp.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-isp>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-isp>
X-Loop: FreeBSD.org

Since jails are bound to a single IP address and SSL certs work on a 
per-IP basis, it looks like I'd need a whole jail per SSL enabled web 
site.

Is this right? If so, is the usual strategy to jail non-SSL web sites 
and to leave SSL sites in the non-jail environment?

Albert

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message