[FX.php List] [OFF] Strange SSL cert occurrences...
Bob Patin
bob at patin.com
Mon Jan 12 12:07:18 MST 2009
That's much more than I know about web serving... :)
When I put a static IP on one of the domains, it cleared it all up; I
guess that's what I'll have to do whenever I put more than one SSL
cert on the same web server.
Bob Patin
Longterm Solutions LLC
bob at longtermsolutions.com
615-333-6858
http://www.longtermsolutions.com
Twitter: bobpatin
iChat/AIM: bobpatin
FileMaker 9 Certified Developer
Member of FileMaker Business Alliance & TechNet
--------------------------
FileMaker hosting and consulting for all versions of FileMaker
PHP • Full email services • Free DNS hosting • Colocation • Consulting
On Jan 12, 2009, at 11:53 AM, Leo R. Lundgren wrote:
> I think that the first encountered certificate is used, due to the
> simple reason that in order to use a specific certificate based on
> what virtual host is requested, the server needs to look at the
> Host: HTTP header of the transmission, and since encrypting the
> whole transmission (including the HTTP headers) is what the
> certificate is meant to do, it's just an endless loop that doesn't
> work (for name-based virtual hosts, port-based ones should be
> different but that's not very useful for you unless you proxy the
> traffic). That's why the first cert is used.
>
> To accomodate the need we're moving towards TLS with HTTP, so that a
> HTTP connection can be set up and then "upgraded" to an encrypted
> channel post-initial-headers and pre-sending-data-that-needs-to-be-
> secure. However I dunno how far that work has gotten (I think it's
> good in "open" browsers, but IE and what not lags behind as usual).
More information about the FX.php_List
mailing list