Article 8911 at 07/02/22 09:00:38 From: dmobley (at mark) uhostme.net Subject: [coba-e:08911] Re: Shared SSL

Index: [Article Count Order] [Thread]
Date:  Wed, 21 Feb 2007 18:36:56 -0500
From:  "Darrell D. Mobley" <dmobley (at mark) uhostme.net>
Subject:  [coba-e:08911] Re: Shared SSL
To:  <coba-e (at mark) bluequartz.org>
Message-Id:  <002e01c75611$35d2aae0$a17800a0$@net>
In-Reply-To:  <bb9e5a970702211433i2dd92a88l3bfaba130e94cfbd (at mark) mail.gmail.com>
References:  <D4760A3D-CD74-4057-99E2-AA133073F6EF (at mark) kommunity.net>	 <003601c755ed$3755f9e0$3701a8c0 (at mark) lapxp> <bb9e5a970702211433i2dd92a88l3bfaba130e94cfbd (at mark) mail.gmail.com>
X-Mail-Count: 08911

The way I have seen it done in the past (and have done it myself) was
register an SSL certificate for the host site on the server, and then put
sym-link directories under that main host site's web directory leading to
the customer's web directory.  You have to edit the httpd.conf to allow
following symlinks.  Like Arthur mentioned, the URL looks like"

https://www.themainhostsite.com/thecustomersdomain/

where "thecustomersdomain" is a symlink to their "web" directory.  The
customer just has to make sure there are no absolute URLs on their site for
images, etc. so the customer doesn't get a message about mixed security
levels.  Instead of /index.html they would use ../index.html or whatever it
took to get them back to the index page without breaking their links.

It's not rocket science.

-----Original Message-----
From: Dustin Krysak [mailto:d.k.emaillists (at mark) gmail.com] 
Sent: Wednesday, February 21, 2007 5:33 PM
To: coba-e (at mark) bluequartz.org
Subject: [coba-e:08908] Re: Shared SSL

To my knowledge, you can share it if they are all on the same ip,
however for any domain that is not the same as the primary domain the
cert itself was setup for, they will get the message that essentially
implies that they "possibly"  be having their traffic hi jacked. After
the accept it (if they do permanently), it will no longer state that.

Unless there is something else out there now I may not be aware of....

d

On 2/21/07, Arthur Sherman <arturs (at mark) netvision.net.il> wrote:
> > > I want clients connecting to http://www.domain.tld/webmail
> > redirect to
> > > https://www.domain.tld/webmail.
> > >
> > > Is it possible to achieve assuming all the sites share the same IP?
> >
> > You can't have VirtualHosts + SSL as the encryption is done before
> > the client can request the virtual site.
> >
> > You can have something like: https://<my-domain>/<customer_domain>/
> > webmail
> > and a frame for each customers Website?! Should be no problem with a
> > valid Cert.
> >
> >
> > tmueko
>
>
> I've heard of shared SSL - is it possible to have on BQ?
>
>
> Best,
>
> --
> Arthur Sherman
>
> +972-52-4878851
> CPTeam
>
>
>
>