• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

https virtual hosting

Red Squirrel

Red Squirrel

No Lifer
I keep reading everywhere that using https with virtual hosting does not work, because the host: header is not sent before the actual https handshake happends, so only way is to use IP based so the names have a different IP.

But I just made it work, and it was effortless, so why is it that people say it wont work?

ex:

https://webmail.iceteks.net
https://cp.iceteks.net

Both are on same IP, but different virtual host! And its using SSL! Did I do something wrong (with SSL) or something? Since I read this is not possible to do, but these are clearly two different pages on the same host.
 
Considering that you're using 1 self-signed cert setup for "localhost.localdomain" on both domains which causes warnings when you connect I'd say no, you didn't set it up right.

Some places will sell you a wildcard cert (i.e. *.iceteks.net) which should work but I can't vouch for them since I've never done it myself.
 
Well I don't want to pay for a cert, so self signed is ok. Was just surprised it even worked to have two hostnames as I was told it did not work.

I don't even see the whole point of the cert thing, its just a money grabber tbh. The whole idea behind SSL is that the connection is encrypted.
 
Even if you don't want to pay for a cert you've still got a cert saying two sites are the same name even though they're using two different URLs which is wrong.

I don't even see the whole point of the cert thing, its just a money grabber tbh. The whole idea behind SSL is that the connection is encrypted.
Click to expand...

And to be sure that you're connecting to the correct host the cert has to be signed by someone you trust. I don't trust you because I don't know you but Verisign, Thawte, etc are all trusted places because they're supposed to do verify you are who you say you are before they sell you a cert. It's an ID thing. What you've got is the equivalent to a piece of paper saying "Hi, may name is RedSquirrel" with your signature on it but a real cert is like a state issued drivers license.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top