On Wed, Dec 31, 2008 at 3:54 AM, wrote:
> So as you said there was no support in apache for dynamic certificate
> generation, why not add support for it. Make it a feature request. Of course,
> all enviroment vars that is available before SSL handshake could be available
> in %{} notations, s
>>Since the request follows the handshake, would you even know the
>>hostname being requested at the right time? (SNI aside)
One idea is to have a custom made DNS server which always issues a random IP in
lets say the 10.1.x.x series for each hostname->IP request. The certgenerate
software co
On Tue, Dec 30, 2008 at 5:08 PM, wrote:
> SSLCertificateFile prg:/usr/bin/certgenerate
> SSLCertificateFile |/usr/bin/certgenerate
> SSLCertificateFile exec:/usr/bin/certgenerate
None of these syntax are supported, and if they were they wouldn't be
evaluated per-request or connection.
> How ca
