apache mod_ssl kai virtualhosting (fwd)
Giannis Papaioannou
jhn at egnatia.ee.auth.gr
Wed Mar 20 21:36:01 EET 2002
On Tue, 19 Mar 2002, Christos Ricudis wrote:
>To problhma me to common SSL wrapping trick einai oti to certificate
>prepei na einai gnwsto kata to TCP connection establishment. Se ekeinh th
>fash toy connection omws, den einai gnwsto se poio virtual host
>apey8ynetai to HTTP request (h plhroforia brisketai ston HTTP
>header).
exeis dikio, h plhroforia brisketai sto Host: header, opote ontws yparxei
problhma. (eimai poly blhma telika)
>Ypo8etw (den exw asxolh8ei kai poly me to SSL) oti kati tetoio
>8a mporouse na epiteyx8ei me th xrhsh kapoiou STARTTLS-like mhxanismou
>ston opoio to SSL session arxizei se ysterh fash toy connection, afou exei
>antallax8ei arketh higher-layer plhroforia wste na mporei na katalabei
>poio certificate prepei na epileksei.
otan epinoousan to https, to vhosting den yphrxe? pws tous diefyge?
>To na dwseis diaforetiko port gia ka8e vhost me SSL lynei ayto to
>problhma, alla sou dhmiourgei ena allo: ta perissotera squid proxies einai
>ry8mismena na apagoreyoyn connections se arbitrary ports (metaksy twn
>allwn gia na mh xrhsimopoieitai to squid san generic TCP proxy). Etsi,
>polloi aplws den mporoyn na doun to site sou (kai esy den to katalabaineis
>pote).
pros to paron 8a anagkastw na zhsw me port based vhosting.
thx a lot, katatopisthka kalytera.
>
>--
>Christos Ricudis
>
>ric-NOSPAM-udis at paiko.gr Remove -NOSPAM- to reply
>spamoula at paiko.gr Send your spam here
>
More information about the Linux-greek-users
mailing list