Date: Sat, 28 Jul 2001 15:20:23 -0500 From: "Terry Witherspoon" <t403403@hotmail.com> To: bsd-freak@mbox.com.au, freebsd-questions@FreeBSD.ORG Subject: Re: SSL Certificates Message-ID: <F181dkSmLAztxc1o8yf000008b1@hotmail.com>
next in thread | raw e-mail | index | archive | help
Hi, See http://www.modssl.org for everything you want to know about apache-modssl. You cannot do this with name based hosts. From the FAQ: The reason is very technical. Actually it's some sort of a chicken and egg problem: The SSL protocol layer stays below the HTTP protocol layer and encapsulates HTTP. When an SSL connection(HTTPS) is established Apache/mod_ssl has to negotiate the SSL protocol parameters with the client. For this mod_ssl has to consult the configuration of the virtual server (for instance it has to look for the cipher suite, the server certificate, etc.). But in order to dispatch to the correct virtual server Apache has to know the Host HTTP header field. For this the HTTP request header has to be read. This cannot be done before the SSL handshake is finished. But the information is already needed at the SSL handshake phase. Bingo! > >Hiya all, > >I need to host multiple SSL sites on my FreeBSD 4.3 box. I am currently >using Apache 1.3 + mod_ssl and am using name based virtual hosts. I don >have a lot of experience with SSL but maybe someone out ther has. > >My question is do I need a seperate digital certificate for each virtual >host? Going by the Verisign documentation it seems so but is not 100% >clear. > >Does anyone know there answer for certain? > >Thank in advance... > > --------------------------------------------- > Receive faxes 24x7, no second line necessary. > http://www.mbox.com.au/ > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-questions" in the body of the message _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?F181dkSmLAztxc1o8yf000008b1>