OpenVPN ALS

OK, let me try to explain this one ... :-).

Let's say that you set up an Adito server, on IP address 1.2.3.4. Your
domain name is www.mydomain.com, so you set up this name to resolve to your
IP address. Then, on your web browser you go to https://www.mydomain.com -
and voila, you get the login screen for Adito.

From here, you set up a Web Forward within Adito (or Tunnel, same problem
with a slight twist - explained below). You can set up the host header
adito.mydomain.com to point to your same IP address (via DNS), but with
this host header entered in to the Web Forward when you web browse to this
name (i.e. https://adito.mydomain.com), Adito forwards you to the Web
Forward (i.e. likely to your internal web server). The "host header"
portion of this is the name adito.mydomain.com, which is passed from your
web browser to Adito, and in turn is used to resolve to the Web Forward and
not the Adito server.

With me so far? The issue is that when you go to https://adito.mydomai.com,
Adito forwards you to the Web Forward (as it should), but it uses the SSL
certificate for www.mydomain.com (i.e. the mail SSL certificate set up in
Adito). As a result, every time you do this you receive warnings from your
web browser because the host names (or host headers) don't match. This same
issue happens with tunnels, as you tunnel to localhost typically, but
receive an SSL certificate for www.mydomain.com.

The fix is to use different SSL Certificates for the Web Forwards and
tunnels (and other areas?).

I hope this make sense!

I'm not familiar with "Host headers"... how can I reproduce this, step by
step?