On Fri, 6 Aug 2004 09:43:03 -0700 (PDT), netmask <netmask@xxxxxxxxxxxx> wrote: > > > > For SSL to work properly on a virtual host setting the VH needs to have > > a dedicated IP. Thats been my experience. > > Yah.. You can't use HTTP 1.1 virtual names.. You must have an IP address for > each one.... > > This is because, the SSL certificate exchange is done BEFORE you send any HTTP > requests.. And the way HTTP 1.1 virtual names work is like this > > Say you host www.linux.com and www.microsoft.com on the same box, 192.168.1.1 > > You want the /index.html of linux.com > > Your browser connects to 192.168.1.1 > > does (among other commands, but these are the pertinent ones) > > GET / HTTP/1.1\r\n > Host: www.linux.com\r\n\r\n > > The 'Host' tag lets the web server know you are going to www.linux.com and > requesting that site. Under HTTP 1.0, there is no Host tag, and you'd just get > the default. > > With SSL.. since you have to verify certificate against hostname before even > making a request.. there is no way to use canonical names. > > > > > -- > fedora-list mailing list > fedora-list@xxxxxxxxxx > To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list > heh, lame attempt to make Jonathan wonder a bit, you folks are too quick to point out the impossibility :) OK, so that you are aware the fact that SSL won't work with virtual hosting, in my case, the customer wasn't happy about it. Yang
