ssl on named virtual hosts

*** franv wrote/escribió (Wed, 29 Sep 2004 19:13:17 GMT):
 > I've got 2 virtual hosts running on Mandrake 10.0. They run fine except
 > when it comes to ssl. I've of course googled around and found quite a few
 > entries that say it's not possible to do ssl on named vhosts and others
 > that say the contraty.

You can do SSL with name based hosts. However, you must be aware that
Apache will only use 1 certificate for each IP/port combination. That's
because encryption happens one level above virtual hosts: first of all,
browser and server negotiate the secure connection and *afterwards* one or
another host is served.


--
-- Álvaro G. Vicario - Burgos, Spain
-- Thank you for not e-mailing me your questions
--<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: ssl on named virtual hosts 

 >
 > You can do SSL with name based hosts. However, you must be aware that
 > Apache will only use 1 certificate for each IP/port combination. That's
 > because encryption happens one level above virtual hosts: first of all,
 > browser and server negotiate the secure connection and *afterwards* one or
 > another host is served.


is that what is referred to as "shared ssl"?
im looking into ssl a well and read that some host offered "shared ssl".
that concept escapes me because I was under the impression that each site
or virtual host had 1 cert/ key specific to that domain. wouldn't sharing
defeat the idea of making
the cert unique to that site?<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: ssl on named virtual hosts 

shared ssl is e.g:

<a style='text-decoration: underline;' href="https://secure.hostingproviderdomain.co.uk/customerdomain1/checkout.php" target="_blank">https://secure.hostingproviderdomain.co.uk/customerdomain1/checkout.php</a>
<a style='text-decoration: underline;' href="https://secure.hostingproviderdomain.co.uk/customerdomain2/checkout.php" target="_blank">https://secure.hostingproviderdomain.co.uk/customerdomain2/checkout.php</a>

they all share the secure.hostingproviderdomain.co.uk ssl cert


"Niteshade" <shadownetwork RemoveThis @bellsouth.net> wrote in message =
news:0Y%6d.122136$Np2.25974@bignews4.bellsouth.net...
 >=20
  > >
  > > You can do SSL with name based hosts. However, you must be aware =
that
  > > Apache will only use 1 certificate for each IP/port combination. =
That's
  > > because encryption happens one level above virtual hosts: first of =
all,
  > > browser and server negotiate the secure connection and *afterwards* =
one or
  > > another host is served.
 >=20
 >=20
 > is that what is referred to as "shared ssl"?
 > im looking into ssl a well and read that some host offered "shared =
ssl".
 > that concept escapes me because I was under the impression that each =
site
 > or virtual host had 1 cert/ key specific to that domain. wouldn't =
sharing
 > defeat the idea of making
 > the cert unique to that site?
 >=20
 ><!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: ssl on named virtual hosts 

Thanks very much to all who answered. I'm still trying to figure out how
to make it work. Generated a new key and placed it in
/etc/httpd/conf/ssl.cert/server.crt and .key but am still getting the same
error message...

But working on it.

Again thanks

Franv

 > *** franv wrote/escribió (Wed, 29 Sep 2004 19:13:17 GMT):
  >> I've got 2 virtual hosts running on Mandrake 10.0. They run fine except
  >> when it comes to ssl. I've of course googled around and found quite a few
  >> entries that say it's not possible to do ssl on named vhosts and others
  >> that say the contraty.
 >
 > You can do SSL with name based hosts. However, you must be aware that
 > Apache will only use 1 certificate for each IP/port combination. That's
 > because encryption happens one level above virtual hosts: first of all,
 > browser and server negotiate the secure connection and *afterwards* one or
 > another host is served.
 >
 >
 > --
 > -- Álvaro G. Vicario - Burgos, Spain
 > -- Thank you for not e-mailing me your questions<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: ssl on named virtual hosts