Apache and SSL
NoOp
glgxg at sbcglobal.net
Mon Mar 21 18:55:14 UTC 2011
On 03/21/2011 06:12 AM, Hal Burgiss wrote:
> 2011/3/21 Markus Schönhaber <ubuntu-users at list-post.mks-mail.de>
>
>> 21.03.2011 11:21, Hal Burgiss:
>>
>> > You can do as many as you want, but need one IP address for each SSL
>> > certificate.
>>
>> No. SNI is designed to circumvent this need:
>> http://tools.ietf.org/rfcmarkup?doc=4366#section-3.1
>>
>>
> The fact that IE on XP is not supported is a big problem. That's a huge user
> base. Unless you are doing an intranet and don't care.
http://en.wikipedia.org/wiki/Server_Name_Indication#Support
http://en.wikipedia.org/wiki/Server_Name_Indication#No_support
Note the ref to Apache Tomcat as well.
Also note that the article references RFC 4366. RFC 4366 is obsoleted by
RFC 5246 and RFC 6066:
See:
https://datatracker.ietf.org/doc/rfc4366/
https://datatracker.ietf.org/doc/rfc6066/
https://datatracker.ietf.org/doc/rfc5246/
Also, the issue with konqueror is resolved:
https://bugs.kde.org/show_bug.cgi?id=174933
So it's worth reading the article with a view to fact checking :-)
More information about the ubuntu-users
mailing list