[Zope] SSL over Multiple Zope/Plone sites?

michael nt milne michael.milne at gmail.com
Wed Jan 25 10:07:27 EST 2006


Hi

The virtual hosts are all served from the same server but they don't
actually share the same domain. They have different domain names but
are served from the same IP.

I'm going to try David Pratt's method above to set up a
mysecure.domain.com and then use Apache to re-write in and out of the
login areas etc.

Thanks for all the help

Michael

On 1/25/06, Martijn Pieters <mj at zopatista.com> wrote:
> On 1/24/06, michael nt milne <michael.milne at gmail.com> wrote:
> > Ok, thanks. The annoying thing is that I am renting a virtual dedicated
> > server which allows multiple domain names obviously but not multiple IP
> > addresses. Or it probably costs more for that. Do you reckon SSL will ever
> > be available for virtual single IP based hosts?
>
> No, because it is a technical limitation. The SSL certificate is used
> to encrypt the channel to the client. As the named virtual host
> selection is based on the Host header sent over this encrypted
> channel, you cannot use a SSL certificate per named virtual host.
> Hence the limitation of one SSL certificate per IP address.
>
> You can work around this limitation if all your virtual hosts share
> the same top-level domain name, by using a wildcard certificate. For
> example, for all example.com virtual hosts, one *.example.com SSL
> certificate can be used without the browser ever complaining about a
> name mismatch.
>
> --
> Martijn Pieters
>


More information about the Zope mailing list