On December 22, 2010 02:05:26 am Tony Mountifield wrote:
The thing you CAN'T do is to have name-based virtual hosting with multiple domains on a single IP address, with more than one of them using SSL. Name-based virtual hosting relies on the HTTP Host: header to identify which virtual host is being accessed. But under SSL, the headers are not sent until the encrypted SSL channel has been set up. So the only way the server can know which certificate to use is by the IP address on which the request is recieved. So multiple SSL sites on a single box MUST each have their own IP address.
Nowadays certificates can contain Subject Alternate Names and work for multiple domains. You can also get a wildcard addresses for *.yourdomain.com. Both mechanisms work fine for modern web browsers; maybe not so much for other SSL- oriented tools, though.