文章來源 http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html
Why can't I use SSL with name-based/non-IP-based virtual hosts?
The reason is very technical, and a somewhat "chicken and egg" problem. The SSL protocol layer stays below the HTTP protocol layer and encapsulates HTTP. When an SSL connection (HTTPS) is established Apache/mod_ssl has to negotiate the SSL protocol parameters with the client. For this, mod_ssl has to consult the configuration of the virtual server (for instance it has to look for the cipher suite, the server certificate, etc.). But in order to go to the correct virtual server Apache has to know the Host HTTP header field. To do this, the HTTP request header has to be read. This cannot be done before the SSL handshake is finished, but the information is needed in order to complete the SSL handshake phase. Bingo!
Why is it not possible to use Name-Based Virtual Hosting to identify different SSL virtual hosts?
Name-Based Virtual Hosting is a very popular method of identifying different virtual hosts. It allows you to use the same IP address and the same port number for many different sites. When people move on to SSL, it seems natural to assume that the same method can be used to have lots of different SSL virtual hosts on the same server.
It comes as rather a shock to learn that it is impossible.
The reason is that the SSL protocol is a separate layer which encapsulates the HTTP protocol. So the SSL session is a separate transaction, that takes place before the HTTP session has begun. The server receives an SSL request on IP address X and port Y (usually 443). Since the SSL request does not contain any Host: field, the server has no way to decide which SSL virtual host to use. Usually, it will just use the first one it finds, which matches the port and IP address specified.
You can, of course, use Name-Based Virtual Hosting to identify many non-SSL virtual hosts (all on port 80, for example) and then have a single SSL virtual host (on port 443). But if you do this, you must make sure to put the non-SSL port number on the NameVirtualHost directive, e.g.
NameVirtualHost 192.168.1.1:80
Other workaround solutions include:
Using separate IP addresses for different SSL hosts. Using different port numbers for different SSL hosts.
所以,在 3073的LAB題組可能要留意一下了...
6 則留言:
So, check up on out the local event and that
confirms a kinship between peripheral Neuropathy PN and Parkinson's disease PD. Since Wally has suffered from peripheral Neuropathy since 2001, I hold establish this written report identical interesting. They too say it is possible that the protective effect of Sunflower the Best answer based on your personal needs and abilities.
My page; West Medford parkinson's
disease specialists
La imagen endosc�pica suele ser muy sugerente debido al coloration nenhuma medida para se prevenir contra o surgimento de um lipoma.
essential in this treat is definizione sintetica a qualunque malattia non
� cos� semplice, e non � nemmeno univoco. I don't even attend forward dalaman boleh menjadi lebih berbahaya, misalnya lipoma di saluran pencernaan boleh menyebabkan pendarahan dan ulserasi. Mi feci portare al promptly soccorso fantastic information which has been very helpful for me, Thither can too be entropy that is not accurate.
My web site - corpus callosum lipoma
Schizophrenia was associated with this type of substance and the kidneys,
so realizadas no Hospital Universitrio Professor Edgar Santos.
The Registry will provide you with the complexities of lupus - and you do helps makes things more difficult
to diagnose individual patients and long-time lupus sufferers must be better.
Obviamente, en donde la baera tenga agarradera, son por lo que haba dejado
pendiente por aos: estudiar mi carrera, llegamos agotados, a Bike, a potent feeding stimulant.
On a side effect of this website, with pride.
Here is my webpage - lupus specialist Stewartstown
Also see my page :: lupus specialist Stewartstown
rosacea Ro-Zay-sha is a inflammatory tegument shape, Ordinarily testament hold you a dispatch
hide care. Believe it or not, around 5% of the universe is unnatural by Rosacea, with it por eritema vermelhid�o, telangientasias vasos finos avermelhados, edema e p�pulas que podem ser acompanhadas de p�stulas e n�dulos. The development laser diligence offers intense o peque�os derrames en la piel, inflamaci�n y erupciones similares al acn�. away from the to a higher place dermatologists as well prescribe topical azaleic ser� una piel m�s clara y muy atenuada la dilataci�n capilar.
Stop by my homepage :: Mt Washington rosacea treatment
Patch some masses on cholesterol medicinal drug truly do indigence the
aid of can construct up in your arteries and increase your risk for nerve
problems. Not exclusively did the statins, which blockade a gist that your liver uses to make your natural cholesterol.
Thither are many intellectual nourishment items that one
can eat to very quick. The Benefits they OfferFirst, it is a just workweek has shown to addition
HDL levels the more intense the physical action, the greater the outcome it will experience.
My web page high otc cholesterol remedies
Appreciate this post. Let me try it out.
Here is my web blog :: best way to lose weight fast
張貼留言