From owner-freebsd-questions@FreeBSD.ORG Mon Mar 8 20:07:34 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DFAA616A4CE for ; Mon, 8 Mar 2004 20:07:34 -0800 (PST) Received: from pd4mo1so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id BFDEE43D2D for ; Mon, 8 Mar 2004 20:07:34 -0800 (PST) (envelope-from aardvark@saintaardvarkthecarpeted.com) Received: from pd4mr2so.prod.shaw.ca (pd4mr2so-qfe3.prod.shaw.ca [10.0.141.213]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.18 (built Jul 28 2003)) with ESMTP id <0HUA00ANDJ753O@l-daemon> for questions@freebsd.org; Mon, 08 Mar 2004 21:01:53 -0700 (MST) Received: from pn2ml8so.prod.shaw.ca (pn2ml8so-qfe0.prod.shaw.ca [10.0.121.152]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.18 (built Jul 28 2003)) with ESMTP id <0HUA00A4WJ75D9@l-daemon> for questions@freebsd.org; Mon, 08 Mar 2004 21:01:53 -0700 (MST) Received: from francisco.saintaardvarkthecarpeted.com (h24-87-202-31.vc.shawcable.net [24.87.202.31]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.18 (built Jul 28 2003)) with ESMTP id <0HUA00E4VJ74DQ@l-daemon> for questions@freebsd.org; Mon, 08 Mar 2004 21:01:53 -0700 (MST) Received: from hardesty.hardesty.saintaardvarkthecarpeted.com (hardesty.saintaardvarkthecarpeted.com [192.168.23.1]) by francisco.saintaardvarkthecarpeted.com (8.12.10/8.12.10) with ESMTP id i29427B8052775; Mon, 08 Mar 2004 20:02:08 -0800 Received: from aardvark by hardesty.hardesty.saintaardvarkthecarpeted.com with local (Exim 3.36 #1 (Debian)) id 1B0YSv-0007rU-00; Mon, 08 Mar 2004 20:03:37 -0800 Date: Mon, 08 Mar 2004 20:03:36 -0800 From: Saint Aardvark the Carpeted In-reply-to: <008a01c404ae$24557f20$6401a8c0@yourqqh4336axf> Sender: Debian User To: adp Message-id: <20040309040336.GD24522@hardesty.saintaardvarkthecarpeted.com> MIME-version: 1.0 Content-type: text/plain; charset=us-ascii Content-transfer-encoding: 7BIT Content-disposition: inline User-Agent: Mutt/1.5.5.1+cvs20040105i References: <008a01c404ae$24557f20$6401a8c0@yourqqh4336axf> cc: questions@freebsd.org Subject: Re: Jails and SSL.. X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Mar 2004 04:07:35 -0000 adp disturbed my sleep to write: > I want to run Apache under a FreeBSD jail. For normal http this works fine. > However, I'm a little worried that we won't be able to use jails because we > use SSL for several sites. With SSL we have to define one IP per site. Jails > only have one IP. Is there a way around this other than just having one jail > per SSL site? (I'd rather not do that!) Something I think I'm going to end up doing is running two jails: one for http, one for https. You can bind jails to local addresses (say, 127.0.0.3), and then use either natd or ipfw to forward different ports to the appropriate jail. HTH, Hugh -- Saint Aardvark the Carpeted aardvark@saintaardvarkthecarpeted.com Because the plural of Anecdote is Myth.