[CentOS] do i need a dedicated ip address for https?

Les Mikesell lesmikesell at gmail.com
Thu Dec 23 00:08:47 UTC 2010


On 12/22/2010 5:40 PM, Ben McGinnes wrote:
>
> Most people wanting SSL on their website see it as a business
> requirement and most of those sites are running on shared or VPS
> hosting.

The issue is that the server needs to know the hostname given to the 
browser to find the matching certificate, and the only way to do that 
and stay on the standard port 443 with the apache version on centos is 
to bind each virtual host to a different IP address.  Per the apache ssl 
faq at http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#vhosts2, 2.2.12 
or later supports SNI where the browser passes the hostname before the 
ssl session starts.

-- 
   Les Mikesell
    lesmieksell at gmail.com



More information about the CentOS mailing list