alaric at metrocast.net
Wed Jun 17 10:37:46 CDT 2009
Patrick Giagnocavo wrote:
> The problem is that SSL makes the crypto negotiation between browser and
> server, before sending the Host: header that lets Apache figure out
> which virtual host you want.
Yeah, that's the problem exactly.
> Best bet is to run different SSL hosts on different ports; then put in a
> redirect on the http side that just redirects e.g.
> http://host1/secure redirects to https://host1:443
> http://host2/secure redirects to https://host2:453
That - doing a redirect actually on the server - is something that
hadn't occurred to me. It's a simple and fairly elegant solution that I
should have thought of myself, but didn't. And so long as the
firewall's properly set up to handle it, it should work from outside the
Phil Stracchino, CDK#2 DoD#299792458 ICBM: 43.5607, -71.355
alaric at caerllewys.net alaric at metrocast.net phil at co.ordinate.org
Renaissance Man, Unix ronin, Perl hacker, Free Stater
It's not the years, it's the mileage.
More information about the geeks