From owner-freebsd-isp@FreeBSD.ORG Thu Feb 12 09:12:10 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 31BCC16A4CE for ; Thu, 12 Feb 2004 09:12:10 -0800 (PST) Received: from mx2.dobleJ.net (243.Red-213-97-10.pooles.rima-tde.net [213.97.10.243]) by mx1.FreeBSD.org (Postfix) with ESMTP id C258C43D1F for ; Thu, 12 Feb 2004 09:12:08 -0800 (PST) (envelope-from juanjo.listas@dobleJ.net) X-Server: Reenviado vía mx2.dobleJ.net From: Juan Jose Sanchez Mesa To: "Marc G. Fournier" , X-Mailer: PocoMail 3.03 (1740) - Licensed Version Date: Thu, 12 Feb 2004 18:11:57 +0100 Message-ID: <2004212181157.302775@juanjo> In-Reply-To: <20040212125320.U40659@ganymede.hub.org> Mime-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: quoted-printable Subject: Re: Multiple SSL Domains on one IP ... X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Feb 2004 17:12:10 -0000 (sorry for my bad english) > a) is this possible at all? last I checked, I swear that you couldn't > have multi-SSL certs loaded up per IP, but not sure if that is a limit in > the certs themselves, or Apache? Is not possible, because the SSL negotiation is done before any header is= sent from browser to Apache. Apache can't know what virtual server is the= browser accesing to use the correct cert. Then, the selection is done using= the IP in which the browser is connecting. You must have one SSL cert per IP. > > b) does anyone out there offer a wildcard cert that would allow this? > from what I'm finding, they allow *., but not just * ... or maybe > some way of sign'ng the cert for the specific IP? Wildcard certs are valid to subdomains only, not for domains. Best regards.