[geeks] Apache
Patrick Giagnocavo
patrick at zill.net
Wed Jun 17 10:09:43 CDT 2009
Phil Stracchino wrote:
> A quick Apache question, just in case anyone's ever had to figure this
> one out:
>
> Apache has no problem putting multiple HTTP named virtual hosts on a
> single IP. But it objects to having HTTPS named virtual hosts.
>
> Now, suppose you have only a single external IP address available. And
> you need - or at least want - to have two HTTPS virtual hosts behind
> that IP. Does anyone know how to do this without Apache complaining
> about it?
>
> I don't actually *NEED* SSL for what I'm doing right now. But I'd like
> to figure out whether there's a way to make it work properly.
>
>
The problem is that SSL makes the crypto negotiation between browser and
server, before sending the Host: header that lets Apache figure out
which virtual host you want.
Thus you cannot really have different virtual hosts served up under SSL.
There is a facility in TLSv3.0 specification I think, that can sort-of
have this functionality, but it is still hackish.
Best bet is to run different SSL hosts on different ports; then put in a
redirect on the http side that just redirects e.g.
http://host1/secure redirects to https://host1:443
http://host2/secure redirects to https://host2:453
etc.
That way you can just bookmark the http://host1/secure and always be
redirected to the secure page without having to remember extra stuff.
--Patrick
More information about the geeks
mailing list