[buug] two urls one ip...with ssl

Rob Helmer robert at roberthelmer.com
Wed Sep 1 17:34:31 PDT 2004

Hi John,

The SSL negotiation happens before any HTTP headers are passed, which is 
why you do need one IP per domain. Named-based virtual hosting works by 
looking at the "Host:" HTTP header, so you're pretty much stuck with 
whatever the domain the certificate has on it, and this needs to match 
what the user typed into their web browser. By the time the "Host:" 
header is encountered by Apache, SSL negotiation has already been decided.

This also means that you need a seperate SSL certificate for each domain.


johnd wrote:
> I know I can't use name based virt hosts on apache and ssl...
> I have two domain names that both point to one ip...they are the same
> app though.
> just checking to make sure I'm not over complicating things in my head
> For each app to be ssl I obviously need two IPs right?

More information about the buug mailing list