[jdev] virtual hosting and certificate checking
Trejkaz
trejkaz at trypticon.org
Wed Mar 1 15:12:14 CST 2006
On Thursday 02 March 2006 06:36, Norman Rasmussen wrote:
> > This can be problematic for virtual hosting. Consider the following
> > scenario:
> >
> > - - shakespeare.lit runs an XMPP server.
> >
> > - - shakespeare.lit hosts XMPP services for denmark.lit, montague.lit,
> > capulet.lit, etc.
> >
> > There are two possibilities I can see.
>
> Don't forget option #3:
>
> Just like HTTPS, each hostname/certificate has to have it's own IP
> address - this is so that we can tell which certificate to present
> based on the IP the client has just connected to.
>
> Unfortunately it's a wastage of IP addresses, but it's something that
> most server admins / cert issuers understand already.
Or, run each server on a different port.
How much does a block of 50,000 IP addresses cost, anyway? I always get
exhorbitant quotes back when I merely want to rent a block of 8.
TX
--
Email: trejkaz at trypticon.org
Jabber ID: trejkaz at trypticon.org
Web site: http://trypticon.org/
GPG Fingerprint: 9EEB 97D7 8F7B 7977 F39F A62C B8C7 BC8B 037E EA73
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <https://www.jabber.org/jdev/attachments/20060302/d6871ba0/attachment-0002.pgp>
More information about the JDev
mailing list