* Henrique de Moraes Holschuh (hmh@debian.org) wrote: > On Mon, 02 Sep 2002, Stephen Frost wrote: > > * Henrique de Moraes Holschuh (hmh@debian.org) wrote: > > > On Sat, 31 Aug 2002, Brian May wrote: > > > > (note that I really like this realiance on checking the hostname, for > > > > instance it doesn't work properly with virtual name domains under https, > > > > but it somehow seems to have become the defacto default, and we seem to > > > > be stuck with it for now). > > > > > > It can, if the !@#$@#$ browsers implement the altName extension. > > > > Uh, except that on the server side if you're going to have different > > certs for different virtual servers then unless they each have their own > > IP there's no way for apache to know which cert to use because the SSL > > connection and whatnot is set up prior to the HTTP headers being sent. > > That's my understanding anyway. > > That is why you have more than one name in the cert. I would think most places want their own cert and not to share with other, probably totally unrelated, people. Stephen
Attachment:
pgpFSSyHTcpbJ.pgp
Description: PGP signature