On 2009.11.15 at 21:01:13 -0500, Hécber Córdova wrote:

> Hi *,
>
> Certainly you can configure Apache to use virtualHosts based on domain names,
> and this works perfectly with HTTP (1.1). However, this cannot be achieved using
> SSL, and the answer is simple, the SSL is established using the server IP, and
> during the SSL negotiation (handshake), there is no mention of
> servername/domain, the server certificate/private keys are used during the
> negotiation, and Apache needs to know what certificate is going to use (and

Since 0.9.8f OpenSSL supports the SNI (server name indication) TLS
extension. Support of this extension in mod_ssl has been discussed on
httpd-...@apache.org for years, and even if it hasn't yet got into a
release, you definitely can find patches in the apache bugzilla.

So, it is theoretically possible for Apache to know the name of the virtual host
at the stage of the TLS handshake. But only if the browser supports this
extension (it seems that all modern browsers do).

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org