Forum OpenACS Development: Re: Proposed corrections to OpenACS default nsopenssl configuration

Torben,

You're probably right in suggesting that the use case is not strong. I do think that there is a potential use case for hosting multiple domains (any number of which may use OpenACS) in a single Aolserver instance, with separate ssl contexts. In this case I would not want the database pools to be shared between separate domains for security reasons. However, this would of course be almost as resource intensive as completely separate servers because each OpenACS virtual server would have to load a full set of tcl libs into memory.

This arrangement would be better security-wise than host-node mapping because it would enable the databases to be kept completely separate, and would enable you to set up a separate openssl context for each OpenACS domain.

Of course, as things stand already you can set up additional contexts for non-OpenACS domains hosted as virtual servers alongside an OpenACS in the same config.tcl, and NginX is also a great tool for serving up static files and reverse proxying, with its own support for openssl.

Host node mapping and Aolserver v4 virtual hosting both suffer from the problem that you can't bring a single server down when necessary, and you have to post-process the logfiles to separate entries for each domain for analysis.

I guess there is no need to change 'users', it just seems untidy as it is! 😉

I still think though that the template config.tcl should not cause ns_log errors or warnings, and if the current one doesn't then the comments shouldn't warn that it will!

I also think that the cacert file should be loaded even if you are using your own personal CA. As it stands this is commented out in the current release version of config.tcl.

Regards
Richard
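To make the two concrete points in the post (a single `users` SSL context, and a CA certificate file that is actually loaded rather than commented out) easier to check against a real config.tcl, here is an added illustration of what such an nsopenssl stanza looks like. This is editor-supplied example configuration, not text from Richard's post and not the OpenACS project's shipped template. The parameter names follow nsopenssl 3.x as the editor recalls them and should be confirmed against the nsopenssl documentation for the version in use; the server name, hostname, address, port and every file name are placeholders.

```tcl
# Added example (not from the post or from the OpenACS distribution):
# an nsopenssl 3.x-style "users" SSL context for one OpenACS virtual server,
# with the CA certificate file active instead of commented out.
# Parameter names are assumed from nsopenssl 3.x; server name, paths and
# file names below are placeholders.

set server       "openacs-example"                  ;# placeholder server name
set serverroot   "/var/lib/aolserver/${server}"     ;# placeholder path
set hostname     "www.example.com"                  ;# placeholder hostname
set address      "127.0.0.1"                        ;# placeholder bind address
set httpsport    8443                               ;# placeholder port

# Declare the SSL contexts this server knows about. One context per
# OpenACS domain is the arrangement the post describes.
ns_section "ns/server/${server}/module/nsopenssl/sslcontexts"
ns_param users   "SSL context used for regular user access"

# The 'users' context: server role, this domain's own certificate and key,
# and the CA chain used to validate peers.
ns_section "ns/server/${server}/module/nsopenssl/sslcontext/users"
ns_param Role            server
ns_param ModuleDir       ${serverroot}/etc/certs
ns_param CertFile        certfile.pem     ;# server certificate (placeholder name)
ns_param KeyFile         keyfile.pem      ;# private key (placeholder name)
# Load the CA certificate unconditionally, whether it is a public CA's root
# or your own private CA's root. Leaving this line commented out is the
# template behaviour the post objects to.
ns_param CAFile          ca.pem           ;# placeholder name
ns_param CADir           ca               ;# placeholder dir of hashed CA certs
ns_param Protocols       "TLSv1"
ns_param CipherSuite     "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"
ns_param PeerVerify      false            ;# true only if clients must present certs
ns_param PeerVerifyDepth 3
ns_param Trace           false

# Bind the context to a listening driver for this domain.
ns_section "ns/server/${server}/module/nsopenssl/ssldrivers"
ns_param users   "Driver for regular user access"

ns_section "ns/server/${server}/module/nsopenssl/ssldriver/users"
ns_param sslcontext users
ns_param port       $httpsport
ns_param hostname   $hostname
ns_param address    $address
```

A second OpenACS domain in the same config.tcl would repeat the `sslcontext/<name>` and `ssldriver/<name>` sections under its own `${server}` with its own certificate, key and CA file, which is what keeps the contexts separate per domain. After loading such a file, check the AOLserver log for any `ns_log` warnings or errors from nsopenssl; a template that loads cleanly should produce none, which is the standard the post asks the shipped config.tcl to meet.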