LINUX.IE, website of the Irish Linux Users' Group
Tux rules!

   
Home
New Users
Articles
Download
Projects
Community
Vendors

  Print Version
Email to...
 
Archives:


planetILUG

Recent News

News Archive


Join the
ILUG
on FaceBook


Join the
ILUG
on LinkedIn


Join the
ILUG SETI
Group



















 
 :: Mailing Lists

[ILUG] Re: apache2 mod_rewrite

[ILUG] Re: apache2 mod_rewrite

Paul Mc Auley lists at peema.org
Sat Jun 21 12:50:44 IST 2008 

On Saturday 21 June 2008, Paschal Nee wrote:
> > From: Paul Mc Auley <lists at peema.org>
> > It is not possible to have multiple certs configured to handle SSL on a
> > given port on a given IP address.

> It seems this is incorrect.  There are a few options that have been
> covered here before.

> http://www.linux.ie/lists/pipermail/ilug/2007-April/092888.html

Hrm, let's see...
Colm MacCarthaigh wrote:
> 	1. Use a widlcard host record in the signed cert, and you
> 	   can virtual-host out say www.linux.ie and webmail.linux.ie
> 	   to different locations. Works just fine.

Okay, that case doesn't apply, wildcard certs apply for *.acme.com rather 
than server and server.acme.com

> 	2. Use TLS server name indication (SNI), this is actually
> 	   supported in modern browsers and puts the hostname
> 	   negotiation in the SSL layer itself.

Is that generally available? Is it something that's in use 'out there'? What 
sort of effort is involved in making the usual web server software support 
it? What is the minimum version of the popular browsers required to support 
this?

> 	3. Use the HTTP UPGRADE directive to initiate a TLS connection
> 	   after supplying the Host header. This does not enjoy wide
> 	   support in browsers, but it is support in a variety of
> 	   other HTTP clients and is useful when building APIs and
> 	   services that use HTTP as a transport layer.

And the discussion then goes on to save that the URI would still be http:// 
and talks about the encryption potentially being 'optional' which means 
that while the connection may be secured Joe User doesn't necessarily get 
the assurance of seeing https:// in the URL.
	Paul

More information about the ILUG mailing list
Read this without the formatting.
                                                                                                    

  

Hosted by HEAnet


 Maintained by the ILUG website team. The aim of Linux.ie is to support and help commercial and private users of Linux in Ireland. You can display ILUG news in your own webpages, read backend information to find out how. Networking services kindly provided by HEAnet, server kindly donated by Dell. Linux is a trademark of Linus Torvalds, used with permission. No penguins were harmed in the production or maintenance of this highly praised website. Looking for the Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
RSS Version
Powered by Dell