Previous Message Next Message
Forum List Message List New Topic Print View
Igor Sysoev
September 28, 2009 08:18AM
On Mon, Sep 28, 2009 at 11:56:25AM +0100, Nuno Magalh??es wrote:

> > http://wiki.cacert.org/VhostTaskForce
> > http://en.wikipedia.org/wiki/Server_Name_Indication
>
> Yeah i had read that before and a similar one here [1], but what bugs
> me is the browser support for SSLv3/TLS SNI:
> * Mozilla Firefox 2.0 or later
> * Opera 8.0 or later (the TLS 1.1 protocol must be enabled)
> * Internet Explorer 7 (Vista, not XP) or later
> * Google Chrome (Vista, not XP)
> * Safari 3.2.1 Mac OS X 10.5.6
>
> I doubt anyone still uses FF 2.0, but the others will cause problems.
> I'd like to avoid relying on browser compatibility, hence my post. I
> don't want to use one general cert for multiple sites, i want one cert
> per site; and no wildcard [2].
>
> So, do i have to use mutiple ssl ports?

Yes.

> And if yes, should/scould i
> just rewrite them out or would the users running IE6 or 7 on XP have
> to see https://www.mysite.com:998877 instead? Could i have nginx remap
> :998877 to :433 (i.e. omitting it) once the session had been
> established?

No. Besides, some HTTP proxies may forbid any traffic expect 80 and 443 ports.

> [1] http://www.ruby-forum.com/topic/186664#815197
> [2] http://www.linuxquestions.org/questions/linux-server-73/juggling-http-and-https-content-for-multiple-virtual-hosts.-755949/


--
Igor Sysoev
http://sysoev.ru/en/
Reply Quote
RSS
Subject Author Posted

Multiple ssl vhosts.

vesperto September 28, 2009 06:18AM

Re: Multiple ssl vhosts.

Igor Sysoev September 28, 2009 06:24AM

Re: Multiple ssl vhosts.

vesperto September 28, 2009 07:02AM

Re: Multiple ssl vhosts.

Igor Sysoev September 28, 2009 08:18AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 205
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready