Re: [exim] Multiple SSL certificates

Página superior
Eliminar este mensaje
Responder a este mensaje
Autor: admin
Fecha:  
A: exim-users
Asunto: Re: [exim] Multiple SSL certificates
Hello Michiel,

> Yes, that what I mean. They resolve to 1 IP address. Something like
> Apache with virtual domains.


Well, you can't use certs/SSL for virtual hosts sharing the same IP
address in Apache either.

That is bc of "catch 22" problem: the requested hostname for vhost is
located in HTTP request that is encapsulated in SSL packet, while
without the hostname the webserver doesn't know which vhost config it
needs to use (see SSL FAQ). Hence, if you want to use SSL, it's only
one website per IP address.

> It can see the hostname the user used to
> connect to the server, although I think that's part of the HTTP protocol
> though.


..which is encapsulated inside the SSL. Apparently you hit the same
problem with email as the Web developers hit with vhost/SSL
combination earlier. Solution for email is probably the same as for
the web: one cert per one IP address.

Regards,
Marcin Krol