[rt-users] RT using SSL

[Leon Sonntag]

At 09:16 AM 12/8/03, Jorey Bump wrote:
>Vivek Khera wrote:
>
>>>>>>>"BM" == Bill McGonigle <bill at zettabyte.net> writes:
>>
>>BM> Hi, Leon,
>>BM>     To the best of my knowledge you can't do virtualhosting with SSL.
>
>In fact, most SSL is done in a virtual host container (at least with 
>apache, it is).
>
>>yes, you can.  you cannot do *name-based* virtuals -- they must be
>>IP-based as you've pointed out.

Did not realize that...THNX


>But don't interpret this to mean that you can have only one SSL host (or 
>hostname) per IP address. Technically, the only difference between IP- and 
>name-based hosts is that name-based hosts can share the same port on the 
>same IP. It's up to the browser to ask the server for the right host, 
>otherwise it will serve the default.
>
>This means that you can set up multiple SSL hosts on the same IP if they 
>listen on different ports:
>
>  https://www.example.com  (listens on standard port 443)
>  https://support.example.com:444
>
>Both hostnames resolve to the same IP, but have their own virtual host 
>container, so they are able to serve up their own certificates. Most 
>people would want to use the nonstandard port for internal use only, such 
>as with a trouble ticket system. ;)

Now that I think about it, that bears out.  We have another system that 
multiple SSL servers on it.

I think I have some other issues too though be cause the SSL servers starts 
and serves pages but only serves the default page.  I only have the one SSL 
server on that APACHE server.  I will make sure that the virtual SSL is 
setup as IP based rather than name based though.




>_______________________________________________
>rt-users mailing list
>rt-users at lists.fsck.com
>http://lists.fsck.com/mailman/listinfo/rt-users
>
>Have you read the FAQ? The RT FAQ Manager lives at http://fsck.com/rtfm

Most anything is easy after you've done it successfully a few times

Leon Sonntag
Innovative Web Applications
leon at iwa-solutions dot com