[Qvcs-CVS] qvcs-guide qvcs-guide.xml,1.4,1.5

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Update of /cvsroot/qvcs-guide/qvcs-guide
In directory sc8-pr-cvs1:/tmp/cvs-serv9233

Modified Files:
	qvcs-guide.xml 
Log Message:
Some stuff.


Index: qvcs-guide.xml
===================================================================
RCS file: /cvsroot/qvcs-guide/qvcs-guide/qvcs-guide.xml,v
retrieving revision 1.4
retrieving revision 1.5
diff -C2 -d -r1.4 -r1.5
*** qvcs-guide.xml	27 Jun 2003 02:26:01 -0000	1.4
--- qvcs-guide.xml	30 Jun 2003 11:42:04 -0000	1.5
***************
*** 28,32 ****
      <edition>&rhl; 9 Edition</edition>
      <pubdate>TBA</pubdate>
!     <releaseinfo>1.90</releaseinfo>
      <copyright>
        <year>2001-2003</year>
--- 28,32 ----
      <edition>&rhl; 9 Edition</edition>
      <pubdate>TBA</pubdate>
!     <releaseinfo>Version: 1.90</releaseinfo>
      <copyright>
        <year>2001-2003</year>
***************
*** 880,884 ****
          <para>
            Once this step is done, you are ready to configure the
!           advanced features of &qvcs;
          </para>
        </sect2>
--- 880,884 ----
          <para>
            Once this step is done, you are ready to configure the
!           advanced features of &qvcs;.
          </para>
        </sect2>
***************
*** 888,893 ****
        <title>Encrypted Communication (SSL)</title>
        <para>
!         I AM HERE
        </para>
      </sect1>
      
--- 888,933 ----
        <title>Encrypted Communication (SSL)</title>
        <para>
!         You will most likely want to configure the SSL on your newly
!         installed machine. It is already enabled for the most part,
!         but not at all configured. First thing you will need is an SSL
!         certificate.
!       </para>
!       <para>
!         Let's first of all create a test certificate to practice
!         on. Perform the following actions:
!       </para>
!       <programlisting>
! &prompt; <userinput>cd /usr/share/ssl/certs</userinput>
! &prompt; <userinput>make stunnel.pem</userinput>
!       </programlisting>
!       <para>
!         The program will ask you some questions, the most important of
!         which is &quot;Common Name&quot;. That would be the host name
!         of your server, but before we do that, let's have a bit of a
!         segue.
        </para>
+       <note>
+         <title>SSL And Virtual Hosts</title>
+         <para>
+           Doing SSL on virtual hosts is tricky because the client
+           machine will check whether the hostname of the server
+           matches the &quot;common name&quot; listed in the
+           certificate it provides during the &quot;SSL
+           Handshake&quot;. If these two do not match, the client will
+           either drop the connection, or present the user with a very
+           large, very obnoxious, and very visible SSL certificate
+           warning.
+         </para>
+         <para>
+           The solution is to pick a consistent host name for your
+           mailserver that would both be convenient and reflect upon
+           your company as the provider of the service. I.e. if you are
+           known as &quot;The Quibbler Data Express&quot;, you will
+           want to make &quot;mail.quibbler.jk&quot; as the common name
+           for your SSL certificate. This is the address you will give
+           out to all your clients for their outgoing and incoming
+           email (SSL interface for the webmail is discussed later).
+         </para>
+       </note>
      </sect1>