https virtual hosting

Red Squirrel

No Lifer
May 24, 2003
70,174
13,575
126
www.anyf.ca
I keep reading everywhere that using https with virtual hosting does not work, because the host: header is not sent before the actual https handshake happends, so only way is to use IP based so the names have a different IP.

But I just made it work, and it was effortless, so why is it that people say it wont work?

ex:

https://webmail.iceteks.net
https://cp.iceteks.net

Both are on same IP, but different virtual host! And its using SSL! Did I do something wrong (with SSL) or something? Since I read this is not possible to do, but these are clearly two different pages on the same host.
 

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
Considering that you're using 1 self-signed cert setup for "localhost.localdomain" on both domains which causes warnings when you connect I'd say no, you didn't set it up right.

Some places will sell you a wildcard cert (i.e. *.iceteks.net) which should work but I can't vouch for them since I've never done it myself.
 

Red Squirrel

No Lifer
May 24, 2003
70,174
13,575
126
www.anyf.ca
Well I don't want to pay for a cert, so self signed is ok. Was just surprised it even worked to have two hostnames as I was told it did not work.

I don't even see the whole point of the cert thing, its just a money grabber tbh. The whole idea behind SSL is that the connection is encrypted.
 

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
Even if you don't want to pay for a cert you've still got a cert saying two sites are the same name even though they're using two different URLs which is wrong.

I don't even see the whole point of the cert thing, its just a money grabber tbh. The whole idea behind SSL is that the connection is encrypted.

And to be sure that you're connecting to the correct host the cert has to be signed by someone you trust. I don't trust you because I don't know you but Verisign, Thawte, etc are all trusted places because they're supposed to do verify you are who you say you are before they sell you a cert. It's an ID thing. What you've got is the equivalent to a piece of paper saying "Hi, may name is RedSquirrel" with your signature on it but a real cert is like a state issued drivers license.