[HacktionLab] progress on registration form
ben at bristolwireless.net
ben at bristolwireless.net
Fri May 14 10:06:13 BST 2010
Quoting "Mike Harris" <mike at mbharris.co.uk>:
> Tis done https://hacktivista.net
>
> Sketchy self-signed cert at present, but requested one from StartSSL.
>
> For the registration, I'm not sure, that's one for Yoss. One of the
> issues with SSL used to be that one could only have one SSL enabled web
> server instance running per IP address. Therefore you couldn't have two
> sites that shared the same IP both being SSL enabled. I haven't looked
> into this for several years now, anyone know if that's still the case?
>
This has actually never been the case, though there's plenty of web
pages to tell you it's technically impossible. I don't know where
people get off on this one, scheeze. Well, this isn't that true, you
need to use TLS rather than SSL.
What is impossible is to have more than one SSL certificate per IP on
an Apache webserver using the dodgy SSL implementation (mod_ssl).
GnuTLS has supported this for a long while though.
The debian package libapache2-mod-gnutls has gnutls for apache2
(mod_gnutls). To get the module up do "a2enmod gnutls" then "a2dismod
ssl". The set up is different to the usual mod_ssl, you'll need to
look it up. The configs MIGHT look something like this:
<VirtualHost 192.168.0.1:443>
ServerName v1.example.org:443
GnuTLSEnable on
GnuTLSCertificateFile /etc/pki_custom/certs/v1.example.org.crt
GnuTLSKeyFile /etc/pki_custom/private/v1.example.org.key
DocumentRoot "/var/www/v1/public_html"
</VirtualHost>
Cheers,
==
From Ben Green
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: PGP Digital Signature
Url : http://lists.psand.net/cgi-bin/mailman/private/hacktionlab/attachments/20100514/8cddcc52/attachment-0001.pgp
More information about the HacktionLab
mailing list