A much-desired feature for some time by many administrators of servers was the ability to host virtual domíninos based on the Apache name and enable SSL (Secure Sockets Layer) in an independent manner for each area without the need to dedicate a unique IP to them. However an extension to TLS called SNI (Server Name Indication) described in RFC3546 enables the implementation of SSL on servers based on name. The big problem is that the OpenSSL library in its current version 0.98 does not support SNI, and this feature promised to version 0.99. But as the universe Open Source are excellent alternatives to almost everything that exists, we also have an experimental module for Apache called mod_gnutls. Despite being the experimental mod_gnutls already has more than two years of road and second reports and experience the module is quite stable and not the actual performance of the server waited outside.
Among the nuances of an implementation of this should be considered the compatibility of browsers with SNI, currently only operate most modern browsers (Firefox 2, IE 7 on Vista, Opera 7.6 +). There is still the option of using versions of OpenSSL snapshot or even patches that enable the media to SNI.
Follow the references below for more information and implement this solution:
http://www.g-loaded.eu/2007/08/10/ssl-enabled-name-based-apache-virtual-hosts-with-mod_gnutls/
http://gentoo-wiki.com/HOWTO_Apache_with_Name_Based_Hosting_and_SSL
http://www.outoforder.cc/projects/apache/mod_gnutls/
http://weblogs.mozillazine.org/gerv/archives/2007/08/virtual_hosting_ssl_and_sni.html
![[FSF Associate Member]](http://tutolivre.net/midia/fsf-6487.png "[FSF Associate Member]"){kind=small}
Submit a Comment