Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 28 Jul 2005 14:17:44 +0200 (CEST)
From:      Oliver Fromme <olli@lurza.secnetix.de>
To:        freebsd-stable@FreeBSD.ORG
Subject:   Re: Apache2 just listening to https?
Message-ID:  <200507281217.j6SCHiNC048246@lurza.secnetix.de>
In-Reply-To: <42E8C6B3.8010002@bmby.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
Uzi Klein <uzi@bmby.com> wrote:
 > Oliver Fromme wrote:
 > > Uzi Klein <uzi@bmby.com> wrote:
 > > > Actually, SSL can not be configured per name vhost. (or at least can not 
 > > > work)
 > > > Because SSL handshake is used before http headers, it just can't be done.
 > > 
 > > You can configure SSL perfectly fine per virtual host,
 > > provided that they have separate addresses.  You can
 > > even use SSL for virtual hosts that share an address,
 > > if they listen on different ports (in this case you
 > > can use redirects for convenience, so users don't have
 > > to type the port numbers).
 > > 
 > > It's correct that SSL doesn't work for pure name-based
 > > virtual hosts (not using "special tricks"), but nobody
 > > was talking about that.
 > > 
 > 
 > note the *name vhost*

Only _you_ were talking about named virtual hosts.  :-)
They are not an issue in this case.

 > and the user's conf.

The user's configuration, as far as it has been (partially)
shown, contains just two virtual hosts which run on different
ports (port 80 for for HTTP and port 443 for HTTPS).
So name-based virtual hosts are _not_ an issue here.

Name-based virtual hosts would be a problem if you run
multiple of them on the same IP address _and_ on the same
port with SSL (usually 443).  That's not the case here.

Best regards
   Oliver

-- 
Oliver Fromme,  secnetix GmbH & Co KG, Marktplatz 29, 85567 Grafing
Any opinions expressed in this message may be personal to the author
and may not necessarily reflect the opinions of secnetix in any way.

"If you aim the gun at your foot and pull the trigger, it's
UNIX's job to ensure reliable delivery of the bullet to
where you aimed the gun (in this case, Mr. Foot)."
        -- Terry Lambert, FreeBSD-hackers mailing list.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200507281217.j6SCHiNC048246>