Menu
▾
▴
Re: [Flightgear-devel] https and mpmap02.flightgear.org
|
From: Florent R. <f.r...@gm...> - 2020-10-16 19:16:03
|
Le ven. 16 oct. 2020 à 19:19, <wki...@gm...> a écrit : > > yes, you can multiple domains on one web server on the same port(s)... > why? > because the http request header contains a destination domain name field > that is > the name of the domain server you are trying to connect to... this feature > is > great and i wish other protocols had the same... it allows to run one > instance > up front and reverse proxy to backend servers... without it, one has to > play the > non-standard port dance... > Yup, I know http can do this; I was more wondering about the X.509 certificate considerations. E.g., ISTR WinXP can't handle SNI, which appears to be exactly what is needed here: https://en.m.wikipedia.org/wiki/Server_Name_Indication "*Server Name Indication* (*SNI*) (...) allows a server to present multiple certificates <https://en.m.wikipedia.org/wiki/Public_key_certificate> on the same IP address <https://en.m.wikipedia.org/wiki/IP_address> and TCP port <https://en.m.wikipedia.org/wiki/TCP_port> number and hence allows multiple secure (HTTPS <https://en.m.wikipedia.org/wiki/HTTP_Secure>) websites (or any other service <https://en.m.wikipedia.org/wiki/Server_%28computing%29#Types_of_servers> over TLS) to be served by the same IP address without requiring all those sites to use the same certificate." But right, I guess XP is not very relevant anymore, and merspieler says this can work. However, the admin in question would need to be given a cert for the flightgear.org domain... Regards > |
