[jdev] virtual hosting and certificate checking
norman at rasmussen.co.za
Wed Mar 1 13:36:42 CST 2006
> This can be problematic for virtual hosting. Consider the following
> - - shakespeare.lit runs an XMPP server.
> - - shakespeare.lit hosts XMPP services for denmark.lit, montague.lit,
> capulet.lit, etc.
> There are two possibilities I can see.
Don't forget option #3:
Just like HTTPS, each hostname/certificate has to have it's own IP
address - this is so that we can tell which certificate to present
based on the IP the client has just connected to.
Unfortunately it's a wastage of IP addresses, but it's something that
most server admins / cert issuers understand already.
Of course, this isn't to say that Option #2 is a better idea, I was
just saying that there's a work around for some servers/situations.
- Norman Rasmussen
- Email: norman at rasmussen.co.za
- Home page: http://norman.rasmussen.co.za/
More information about the JDev