[prev in list] [next in list] [prev in thread] [next in thread]
List: apache-httpd-users
Subject: Re: [users@httpd] Apache2, Vhosts and SSL
From: "Gregor Schneider" <rc46fi () googlemail ! com>
Date: 2007-12-30 12:33:21
Message-ID: a2d59f0d0712300433y257e18efp4305b393bb902c94 () mail ! gmail ! com
[Download RAW message or body]
Pavel,
On Dec 30, 2007 4:36 AM, <pavel.stratil-jun@fenix.cz> wrote:
> not exactly true, you may try to use the SNI patch that allows several
> certs on a single ip.
>
it's still true, however, maybe the statement is not complete.
TLS is pretty new, and i.e. my firefox-browser does not accept such a
cert "for an unknown reason".
Setting up the patch is quite some work with a good chance to shoot
yourself into your toe.
Check out http://www.howtoforge.com/enable-multiple-https-sites-on-one-ip-using-tls-extensions-on-debian-etch
Btw, the error-message in my Firefox-Browser (it's 2.0.0.11) appears
when pointing to the sample web-site given in the document
https://dave.sni.velox.ch/.
Besides, when patching you will have to recompile OpenSSL, meaning
future updates (such as security updates) might turn back your
changes.
Therefore, I honestly would not recommend using this patch but wait
until a stable standard ist established.
Cheers & have a great 2008!
Gregor
--
what's puzzlin' you, is the nature of my game
gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
gpgp-key available @ http://pgpkeys.pca.dfn.de:11371
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic