Hi!
I am currently publishing some web services on a Centos 5.3 server on my office using the included apache httpd. They are available from the Internet, and they require validation (username/password). I would like to publish them all under https, so the passwords won't travel unencrypted, but then all my sites use the same certificate on apache httpd. The solution to this is using an httpd server that supports SNI: http://en.wikipedia.org/wiki/Server_Name_Indication however, the httpd included in Centos does not have this feature. Question is: have anybody made httpd RPMs for CentOS supporting this feature? (according to the link, httpd supports this since 2.2.11) or maybe they can be requested on the CentOS Plus repositories?
Thanks!
German Pulido wrote:
Hi!
I am currently publishing some web services on a Centos 5.3 server on my office using the included apache httpd. They are available from the Internet, and they require validation (username/password). I would like to publish them all under https, so the passwords won't travel unencrypted,
You could use digest passwords instead of plaintext as well.
http://httpd.apache.org/docs/2.0/mod/mod_auth_digest.html
nate
I am currently publishing some web services on a Centos 5.3 server on my office using the included apache httpd. They are available from the Internet, and they require validation (username/password). I would like to publish them all under https, so the passwords won't travel unencrypted, but then all my sites use the same certificate on apache httpd. The solution to this is using an httpd server that supports SNI: http://en.wikipedia.org/wiki/Server_Name_Indication however, the httpd included in Centos does not have this feature. Question is: have anybody made httpd RPMs for CentOS supporting this feature? (according to the link, httpd supports this since 2.2.11) or maybe they can be requested on the CentOS Plus repositories?
You might take a look at nginx http://nginx.net/ as an SNI enabled https proxy. You should know that not all browsers/clients support SNI .. I would check out http://en.wikipedia.org/wiki/Server_Name_Indication for further details.
Barry
On 4/12/09, German Pulido gpulido@gtscolombia.com wrote:
I am currently publishing some web services on a Centos 5.3 server on my office using the included apache httpd. They are available from the Internet, and they require validation (username/password). I would like to publish them all under https, so the passwords won't travel unencrypted, but then all my sites use the same certificate on apache httpd. The solution to this is using an httpd server that supports SNI:
<snip. German: If the sites are to be used by your existing employees/customers, it is possible you could generate a free SSL certificate, for each site, that would provide the security you need? They might get a browser warning, about the SSL certificate, but the security would be there. Lanny (in Cali)
German Pulido napsal(a):
Hi!
I am currently publishing some web services on a Centos 5.3 server on my office using the included apache httpd. They are available from the Internet, and they require validation (username/password). I would like to publish them all under https, so the passwords won't travel unencrypted, but then all my sites use the same certificate on apache httpd. The solution to this is using an httpd server that supports SNI: http://en.wikipedia.org/wiki/Server_Name_Indication however, the httpd included in Centos does not have this feature. Question is: have anybody made httpd RPMs for CentOS supporting this feature? (according to the link, httpd supports this since 2.2.11) or maybe they can be requested on the CentOS Plus repositories?
Thanks!
http://fs12.vsb.cz/hrb33/el5/hrb-tls/stable/i386/repoview/ http://fs12.vsb.cz/hrb33/el5/hrb-tls/stable/x86_64/repoview/ http://fs12.vsb.cz/hrb33/el4/hrb-tls/stable/i386/repoview/ http://fs12.vsb.cz/hrb33/el4/hrb-tls/stable/x86_64/repoview/
David Hrbáč
-
Barry Brimer -
David Hrbáč -
German Pulido -
Lanny Marcus -
nate