*********** REPLY SEPARATOR ***********
On 16/06/00 at 8:14 Charles Galpin wrote:
>perhaps if I explain my experience with this, it will help
>
>On Thu, 15 Jun 2000, Brian Ashe wrote:
>>
>> 4) I cannot confirm or deny the single IP address theory, as I have not
>> tried it. But I do have some trouble believing it since the ServerName
>> directive is what gets matched against the certificate and the
certificate
>> has no knowledge of the IP it came from. I could be wrong, it wouldn't
be
>> the first time. But you will probably have to be quite creative about
your
>> Virtual hosting directives to get things working. I would suggest
hacking at
>> it a little before giving up. Especially since @Home is not likely to
give
>> you additional IP addresses just so you can go against their service
policy.
>
>Lets say you have two domains, a.com and b.com using name based virtual
>hosting.
>
>If the user first visits a.com, they will get given the a.com cert. When
>they go to site b.com, they will not be offered a new cert as the browser
>thinks they are the same (same IP).
>
>If they stop their browser, and then go to b.com first, they will pick up
>the b.com cert, and then when they visit a.com, just like above, they will
>not get given the a.com cert.
>
>So if you can live with this behaviour, then fine, but this not the same
>as the behaviour you would get with seperate IPs. I consider this not
>working properly. Every other aspect of name based virtual hosting is
>identical to the ip based counterpart except this...
>
Here is another reason, if you intend getting positiones on a search engine
, IP's are also needed, even with the normal Apache, reason...because the
search engine crawlers can tell its a virt host and will not rate it
highly, or at all possibly. I have taken the word of some people in the
hosting industry on this. I cannot give specifics on engines
Anyway, it gets down to if you have IP's or not, if you are using SSL in a
serious way like for submission of Credit cards etc, I would suggest using
the IP and correct cert method, in fact as Charles has pointed out, most
people place the importance on the certificate being correct ( myself I
was always more concerned about the SSL connection, but then again I
understand the certificate warnings) so it gets down to the end
user....again ;-)
Regards
Greg Wright
--
IT Consultant Sydney Australia PH 0418 292020
Available for Global Contracts Int. +61 418 292020
web http://www.ausit.com e-mail greg AT ausit.com
Trading As - AAA Computers, ITpro, Ozzie Soft, providers of IT services.
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
