httpd-wiki-changes mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <wikidi...@apache.org>
Subject [Httpd Wiki] Update of "NameBasedSSLVHosts" by pctony
Date Wed, 04 Jul 2007 20:50:49 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Httpd Wiki" for change notification.

The following page has been changed by pctony:
http://wiki.apache.org/httpd/NameBasedSSLVHosts

The comment on the change is:
Flattening Project

------------------------------------------------------------------------------
+ ## page was renamed from ScratchPad/NameBasedSSLVHosts
  == Name-Based VirtualHosts and SSL ==
  
  As a rule, it is impossible to host more than one SSL virtual host on the same IP address
and port. This is because Apache needs to know the name of the host in order to choose the
correct certificate to setup the encryption layer. But the name of the host being requested
is contained only in the HTTP request headers, which are part of the encrypted content. It
is therefore not available until after the encryption is already negotiated. This means that
the correct certificate cannot be selected, and clients will receive certificate mismatch
warnings and be vulnerable to man-in-the-middle attacks.

Mime
View raw message