httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Serge Dubrouski" <serge...@gmail.com>
Subject Re: [users@httpd] Namebased Virtual Hosts
Date Tue, 17 Oct 2006 17:05:02 GMT
On 10/17/06, Joshua Slive <joshua@slive.ca> wrote:
> On 10/17/06, Gregor Schneider <rc46fi@googlemail.com> wrote:
>
> > So what is the best practise to specify this NameVirtualHost-directive?  In
> > any file which contains the VirtualHost-directive (meaning one will contain
> > it, the others not? Or in httpd.conf?)
>
> Makes no difference.  I'd use httpd.conf.  (Actually, I would put
> EVERYTHING in httpd.conf unless you have a really complex config.  I
> don't see the point of a bunch of tiny config files.)
>
> >
> > > And in addition, your second and third ssl sites are not going to work
> > > properly.  You can only have one ssl site on each IP-address/port
> > > combination because the SSL certificate is selected before the
> > > hostname is known.
> >
> > Well, what  is going to happen  if I do specify more than one SSL-site per
> > IP/port-pair? Do I just get the message that the cert is invalid (I could
> > pretty much live with that)?
>
> Yes, you will have an invalid cert.  But note that SSL with an invalid
> cert is no more secure than ordinary HTTP.  So this may be okay for
> testing, but it doesn't provide any real security.
>
> Joshua.
>

Why?! Per my understanding the channel will be crypted anyway. Self
signed certificate is invalid from the browser point of view as well,
but it doesn't prevent crypting. Do I miss something?

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message