From owner-freebsd-questions@FreeBSD.ORG Tue Oct 5 07:05:04 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 65BB2106566B for ; Tue, 5 Oct 2010 07:05:04 +0000 (UTC) (envelope-from amvandemore@gmail.com) Received: from mail-fx0-f54.google.com (mail-fx0-f54.google.com [209.85.161.54]) by mx1.freebsd.org (Postfix) with ESMTP id E76288FC1E for ; Tue, 5 Oct 2010 07:05:03 +0000 (UTC) Received: by fxm9 with SMTP id 9so4567035fxm.13 for ; Tue, 05 Oct 2010 00:05:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:cc:content-type; bh=CKgBDOSwu+paxad1vYngQ6NZmRCmSySjERDLmDddXQU=; b=l3pWayknjkym8zkLAu3WhvN4kcNDlr9ZnD52/3m1OHWnt4sZuYqN4BVUqeUsTFZVJh /yIjvEHn1j/a10vCa39p5UW/1Dp3iJEChUW7cbG1j4QZXqHZTViyg3nYBsuFxvfkE0Sx 2lMXzbHYK7hl9OvWco7+4GfwwJUb/lYJq0BfU= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=SvsE5UX/UaxxMei3E0qLFhwcrmsRd3dRPP1tdaqd2QogK9QcPWDYslz9IlVQJhMU1W yZbdnxkxuO3Gu4/mVXLGsfvtMuQMmOlx8B5SN3X4NC5u+eRr8FQXnGa1fmxZTzMgKLJa 19L/GG9wNLrB3sm8sy3f3dXu6dAnEsgr5LGDk= MIME-Version: 1.0 Received: by 10.223.113.71 with SMTP id z7mr10193768fap.3.1286262303089; Tue, 05 Oct 2010 00:05:03 -0700 (PDT) Received: by 10.223.107.130 with HTTP; Tue, 5 Oct 2010 00:05:03 -0700 (PDT) In-Reply-To: <2C683AF7-AFA5-4D5E-8575-19455EBB142B@cwis.biz> References: <20101004221506.GA8662@polands.org> <20101005035354.GB8662@polands.org> <4CAAAC4A.5060106@boosten.org> <4CAAB89F.70907@infracaninophile.co.uk> <2C683AF7-AFA5-4D5E-8575-19455EBB142B@cwis.biz> Date: Tue, 5 Oct 2010 02:05:03 -0500 Message-ID: From: Adam Vande More To: Ryan Coleman Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: FreeBSD Mailing List , Peter Boosten Subject: Re: OT: Apache as reverse SSL proxy X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Oct 2010 07:05:04 -0000 On Tue, Oct 5, 2010 at 1:36 AM, Ryan Coleman wrote: > > On Oct 5, 2010, at 12:33 AM, Matthew Seaman wrote: > > > Nowadays there is also the possibility of RFC2817 -- in essence you > > start an ordinary HTTP session, then issue a STARTTLS command and > > upgrade the connection to encrypted. This will allow name-based virtual > > hosting with TLS to work as intended. Unfortunately, last I checked, > > while apache supports this, most web browsers do not. > > Throwing just my two bits in: Apache supports it, as does Firefox, and > nothing else (maybe Safari does...). > > IE definitely does not. I looked into this before opting to go multiple > static IPs at home for my > webservers._______________________________________________ > IE 7+ does however support RFC 3546(SNI), which is the defacto standard for accomplishing SSL name based vhosts. http://en.wikipedia.org/wiki/Server_Name_Indication -- Adam Vande More