On Fri, 2004-08-06 at 12:32, Yang Xiao wrote: > On Fri, 6 Aug 2004 09:43:03 -0700 (PDT), netmask <netmask@xxxxxxxxxxxx> wrote: > > > > > > For SSL to work properly on a virtual host setting the VH needs to have > > > a dedicated IP. Thats been my experience. > > > > Yah.. You can't use HTTP 1.1 virtual names.. You must have an IP address for > > each one.... > > > > This is because, the SSL certificate exchange is done BEFORE you send any HTTP > > requests.. And the way HTTP 1.1 virtual names work is like this > > > > Say you host www.linux.com and www.microsoft.com on the same box, 192.168.1.1 > > > > You want the /index.html of linux.com > > > > Your browser connects to 192.168.1.1 > > > > does (among other commands, but these are the pertinent ones) > > > > GET / HTTP/1.1\r\n > > Host: www.linux.com\r\n\r\n > > > > The 'Host' tag lets the web server know you are going to www.linux.com and > > requesting that site. Under HTTP 1.0, there is no Host tag, and you'd just get > > the default. > > > > With SSL.. since you have to verify certificate against hostname before even > > making a request.. there is no way to use canonical names. > > > > > > > > > > -- > > fedora-list mailing list > > fedora-list@xxxxxxxxxx > > To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list > > > > heh, lame attempt to make Jonathan wonder a bit, you folks are too > quick to point out the impossibility :) > OK, so that you are aware the fact that SSL won't work with virtual > hosting, in my case, the customer wasn't happy about it. > > Yang > It DOES work with virtual hosting. Just not with multiple host names on the same IP. If each host name has its own IP it works flawlessly.
