|
After some research on this, I found that it isn't possible. Because SSL wraps the entire HTTP request (including the host headers) you currently need to have one IP for each SSL site you are running. If it's behind a firewall, that means one external, and one internal per SSL site that is using a seperate certificate. Even a firewall that can route by host name won't work with 2 domains using different certs. Subdomain sites and the use of a wildcard certificate shouldn't be an issue. But that isn't the case for my query. Because SSL wraps the HTTP request, the web server must decrypt the request before applying any host matching, such as with Virtual Hosts. So, as Apache puts it, it's a "chicken and egg" problem. Which comes first. So, Apache always will use the first certificate specified in the config to do any decrypting. There is an RFC in the works to solve this issue, but I wouldn't expect it to be implemented anytime soon juding from the talk about it. Anyhow, it does make sense. I wasn't completley aware that SSL wrapped everying... I assumed the headers were available... guess not. :) Hope this helps for anyone else that ever ventures down this road.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
