httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pravinkumar_Shivakumar <Pravinkumar_Shivaku...@Satyam.com>
Subject RE: Multiple Secure Sites?
Date Mon, 04 Feb 2002 17:41:28 GMT
Hi,

Check the below Q & A


Can I have multiple SSL virtual servers on the same IP address and port
number?

No. Each SSL enabled web site must have a unique IP address and port number
combination, for the reasons detailed below: 
With HTTP/1.1, web sites can be distinguished by their hostname, rather than
just their IP address. This is done by passing the hostname of the requested
site in the 'Host:' header field in the HTTP request. The web server uses
the host header to determine which virtual server a particular request is
for. 
Unfortunately, when SSL is enabled, the entire HTTP request is encrypted. In
order to decrypt the request, the web server needs access to the correct SSL
key (each SSL enabled site has a different key). But if it were configured
to host several SSL sites on the same IP address and port number, it would
not be able to discover which site a particular request was for, and would
therefore be unable to find the appropriate SSL key. This is a classic
chicken and egg situation - the web server needs the information in the host
header to select the correct SSL key, but can't read the host header until
it's decrypted it... 
Therefore, SSL enabled virtual servers /must/ be distinguished with unique
IP address/port number combinations, and the Zeus Web Server will report an
error if you should attempt to start two SSL enabled virtual servers on the
same IP address and port number


-Pravin Kumar S


-----Original Message-----
From: Garrett Meiers [mailto:gm-ml@consulnix.com]
Sent: Monday, February 04, 2002 10:16 PM
To: Apache Mailing List
Subject: Multiple Secure Sites?



I'm having troubles setting up multiple secure sites.. I'm sure it's just
configuration problem.. But I do remember seeing some information somewhere
(may have been outdated) saying that you could not have multiple "virtual"
ssl
sites.

Is this the case?  Or has things evolved enough to allow that.

Sorry if this is a newbie question or if I missed the answer somewhere.

Garrett

--
Garrett Meiers



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
************************************************************************** 
This email (including any attachments) is intended for the sole use of the
intended recipient/s and may contain material that is CONFIDENTIAL AND
PRIVATE COMPANY INFORMATION. Any review or reliance by others or copying or
distribution or forwarding of any or all of the contents in this message is
STRICTLY PROHIBITED. If you are not the intended recipient, please contact
the sender by email and delete all copies; your cooperation in this regard
is appreciated.
**************************************************************************

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message