Forum OpenACS Q&A: Response to Multiple domains on same server/ip

Collapse
Posted by Michael A. Cleverly on
I imagine the reason is a classic catch-22. nsvhr would look at the host header that the client sends to identify which virtual domain was being requested, but on an SSL connection the SSL handshaking/certificate exchange happens before the client sends any headers, and since the client verifies that the SSL certificate matches the host requested browsers will display warnings/errors when there is a mis-match. And the server would have no way to know which SSL certificate to send if you had multiple domains on a single IP. So in the end everyone is effectively stuck with one SSL host per IP address.