Re: [SurgeMail List] SSL Certs

This post if a part of this thread

	2008-05-20 22:23:42

Re: SSL Certs

No you can't, the SSL negotiation is done before anything is actually sent across the channel. This means the HOSTNAME / SERVERNAME variables sent with the http header that are normally used for webmail vhost domain identification cannot be used. Your only alternatives are to: 1) Setup this domain on a separate ip address 2) Get certificates containing multiple domains issued. I've never actually personally made it work (but also have not tried very hard) but it should be possible with SSL3. Also I know the CA's do not like creating this kind of certificate. Marijn From: horizon-internet.com CTRL + Click to follow link" href="mailto:lenhorizon-internet.com">Len Engel Sent: Saturday, May 17, 2008 3:18 AM To: netwinsite.com CTRL + Click to follow link" href="mailto:surgemail-listnetwinsite.com">surgemail-listnetwinsite.com Subject: [SurgeMail List] SSL Certs Good Morning One of my customers wanted a valid SSL certificate for their webmail -- one of their clients appears to be blocking bad connections (or maybe the 7443 port) Two questions Now that I have successfully installed the cert, all the untrusted certs report the mail.secureddomain.net cert Can I have more than one vhost secured with different certs and can anyone point me to the "help" for that Thanks -- Len Engel Horizon Internet Solutions, LLC www.horizon-internet.com Boise, Idaho USA

Re: SSL Certs