-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Jeff Lasman Sent: Monday, January 23, 2006 7:31 PM To: CentOS mailing list Subject: Re: [CentOS] Self-signed certificates
On Monday 23 January 2006 03:37 pm, Thomas E Dukes wrote:
I have seen that but it is possible to have a secure
connection using
named based virtual hosts. Been doing it for a while, visit https://mail.palmettodomains.com, just trying to get the
name on the
certificate to match. I was just tring to get a separate
certificate
for other sub-domains using different/correlating naming,
but it looks
like the certificates have to be named 'server'.key or .crt.
I'm not sure of your point, Thomas.
When I visit your site: https://mail.palmettodomains.com
I get a secure site for secure.palmettodomains.com.
Which is what I'd expect with name-based hosting, and which is what the original poster said he's trying to avoid.
There is one way to get name-based hosting to work with individual certificates and not get name mismatch errors, and that's to set up the secure site on a different port. And I don't recommend that if anyone is ever going to have to type the URL into a browser; people just get confused. My recommendation is to only do that if the connection is only by link.
Maybe that's what I need to do as these are not really 'public' sites and are only used for my purposes (mail). How would you declare port(s) 444, 445, 446, etc., as a secure/SSL site?
Thanks!!