[TriLUG] Multiple IP address per interface?

Tanner Lovelace trilug@trilug.org
06 Apr 2002 22:30:53 -0500 

--=-3pm3Juh8xFmw9I/RC0xg
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Sat, 2002-04-06 at 21:45, Kevin - The Alchemist - Sonney wrote:
> On Sat, 2002-04-06 at 21:39, Tanner Lovelace wrote:
> > You can't because of SSL?  Why not?  I do.
>=20
> Read the mod_ssl docs. The upshot is, in ordr to do multiple-host https,
> each server needs it's own key. The key is determined by the hostname.
> The hostname isn't given until *AFTER* the connection is established.
>=20
> So, you need the key to establish the connection, but you don't know
> what key to use for that hostname until after the connection is
> established. Chicken-egg. So in order to use >1 hostname with mod_ssl
> (and a key per each) each https host needs it's own IP.
>=20
> Make sense?

Yes, but you forgot to mention you can do wildcards in SSL
certificates.  That's how I use mod_ssl and vhost_alias
to do SSL on multiple websites.

Tanner
--=20
Tanner Lovelace | lovelace(at)wayfarer.org | http://wtl.wayfarer.org/
--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--
GPG Fingerprint =3D A66C 8660 924F 5F8C 71DA  BDD0 CE09 4F8E DE76 39D4
GPG Key can be found at http://wtl.wayfarer.org/lovelace.gpg.asc
--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--
         http://www.petitiononline.com/SSSCA/petition.html
--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--
 Those who are willing to sacrifice essential liberties for a little=20
 order, will lose both and deserve neither.  --  Benjamin Franklin=20

 History teaches that grave threats to liberty often come in times
 of urgency, when constitutional rights seem too extravagant to=20
 endure.  --  Justice Thurgood Marshall, 1989=20

--=-3pm3Juh8xFmw9I/RC0xg
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEABECAAYFAjyvvWwACgkQzglPjt52OdSWQQCgmWk3CHK0t9j/2tRkgVqWO+M7
DE4AoJ8PENVknCkRPiuxwpskPDHkKO8z
=Ppzs
-----END PGP SIGNATURE-----

--=-3pm3Juh8xFmw9I/RC0xg--