tomn wrote:
> So, you can run apache-ssl with this scenario:
>
> Port 443
> Listen 1.2.3.4:444
> Listen 1.2.3.4:445
> Listen 1.2.3.4:446
>
> Then, Each VH has the same IP with the corresponding port.
> Each VH has a different Certificate.
> Each VH serves up the correct certificate.
This would a
On Wed, 18 Oct 2000, tomn wrote:
> The first is you assume all the calls go to port 443. Well, most calls to
> ssl cites are programmed in. You don't type them in.
>
> So, you can run apache-ssl with this scenario:
>
> Port 443
> Listen 1.2.3.4:444
> Listen 1.2.3.4:445
> Listen 1.2.3.4:446
ichard Levitte - VMS Whacker <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Wednesday, October 18, 2000 5:04 PM
Subject: RE: SSL + VirtualHost in Apache 1.3.x
> From: Paulo Matos <[EMAIL PROTECTED]>
>
> pjsm> On Wed, 18 Oct 2000, Vadim Fed
From: Paulo Matos <[EMAIL PROTECTED]>
pjsm> On Wed, 18 Oct 2000, Vadim Fedukovich wrote:
pjsm>
pjsm> > I mean, it was answered, on this thread, several days ago.
pjsm> > To repeat it: ip address is the only way for a webserver
pjsm> > to choose a certificate/key to use for SSL handshake.
pjsm> >
On Wed, 18 Oct 2000, Vadim Fedukovich wrote:
> I mean, it was answered, on this thread, several days ago.
> To repeat it: ip address is the only way for a webserver
> to choose a certificate/key to use for SSL handshake.
> Usual instrument in plain HTTP, "Host: " header, is available
> only after
> From: "David Schwartz" <[EMAIL PROTECTED]>
>
> davids> > TLS doesn't support name-based virtual servers either.
> davids>
> davids> Someone needs to yell at the TLS working group! A
> davids> chance to 'automatically' add support for name-based virtual
> davids> hosts to all protocols lay
Richard Levitte - VMS Whacker wrote:
> This is why upgrading to TLS within the original protocol is a better
> idea, as stated in RFC2817, among others. After all, it wouldn't be
> that difficult to write a small routine library that deals with this
> kind of upgrade, or so I imagine...
Exactly
From: "David Schwartz" <[EMAIL PROTECTED]>
davids> > TLS doesn't support name-based virtual servers either.
davids>
davids> Someone needs to yell at the TLS working group! A
davids> chance to 'automatically' add support for name-based virtual
davids> hosts to all protocols layered on top
> TLS doesn't support name-based virtual servers either.
Someone needs to yell at the TLS working group! A chance to 'automatically'
add support for name-based virtual hosts to all protocols layered on top of
TLS is too good to give up. It would take decades to add that support to
each p
David Lang <[EMAIL PROTECTED]> writes:
> the problem is that TLS is not widly deployed on browsers. until it is
> trying to use it for name-based secure servers will be very
> problematic. for crying out loud people are still running into problems
> with name based normal srvers and that just requ
gt; From: Edwin Chiu [mailto:[EMAIL PROTECTED]]
> > Sent: Friday, October 13, 2000 8:11 AM
> > To: [EMAIL PROTECTED]
> > Subject: Re: SSL + VirtualHost in Apache 1.3.x
> >
> >
> > Not all versions of IE accept wildcard certs. Look at
> > www.thawte.com and
>
<[EMAIL PROTECTED]>
> Subject: Re: SSL + VirtualHost in Apache 1.3.x
>
>
>
> On Fri, 13 Oct 2000, Poetsch, Michael wrote:
>
> > Hello Apache user community,
>
> Michael,
>
> this is not exactly apache list, anyway:
>
> > does anybody know
Vadim Fedukovich wrote:
> On Fri, 13 Oct 2000, Norman Mackey wrote:
>
> I believe it was made clear already. The only point to add
> is a recent RFC on "Upgrade to TLS".
I've read that RFC and I tried to find information on whether IE or
Netscape were planning on supporting (or did support) it a
On Fri, 13 Oct 2000, Norman Mackey wrote:
> Shouldn't it be possible to configure Apache/OpenSSL to
> handle name-based virtual hosting using TLS? Apparently
Norman,
I believe it was made clear already. The only point to add
is a recent RFC on "Upgrade to TLS".
> ARIN thinks so, since they've
indeed possible, and I would be eternally
grateful if someone could point me to any.
--
Norm Mackey (EXP.com)
> -Original Message-
> From: Edwin Chiu [mailto:[EMAIL PROTECTED]]
> Sent: Friday, October 13, 2000 8:11 AM
> To: [EMAIL PROTECTED]
> Subject: Re: SSL + VirtualHost i
Not all versions of IE accept wildcard certs. Look at www.thawte.com and
www.verisign.com for more details.
Basically a warning about the CN of the cert not matching the website name
will come up...
Edwin
"Michael T. Babcock" wrote:
> Vadim Fedukovich wrote:
>
> > Beware features of IE on proc
Vadim Fedukovich wrote:
> Beware features of IE on processing wildcarded
> certificates.
Different Michael here ... what "features" ??
__
OpenSSL Project http://www.openssl.org
User Support Maili
On Fri, 13 Oct 2000, Poetsch, Michael wrote:
> Hello Apache user community,
Michael,
this is not exactly apache list, anyway:
> does anybody know if it is possible to configure multiple virtual hosts with
> different SSL certificates? Basically it should be possible to include all
> SSL rela
Hi Michael,
Here's an example of how virtual hosts would be implemented with different
certs.
Port 443
SSLEngine on
ServerName abc.com
DocumentRoot "/usr/local/www/htdocs"
SSLCertificateKeyFile /usr/local/www/conf/ssl.key/abc.key
SSLCertificateChainFile /usr/local/www/conf/ssl.crt/ca.crt
SSLCer
19 matches
Mail list logo
