2009/08/04

SSL virtual web hosting

I need to jot down some hints why SSL/HTTPS support for name-based virtual hosts is not possible.

It is because of the SSL protocol in itself. For establishing the connection between the client and the server, the SSL parameters are negotiated first. The client is required to know which server is to connect to which can not happen at the moment because the host: header information has not been exchanged to determine which virtual host to send the request to. This is a “chicken and egg” issue and is the reason why each SSL-enabled Web site must be configured on a unique IP address.

The good news, of course, is availability of address should not be a concern in the case of IPv6.

1 comment:

gaurav11 said...

Well this is a great article and you have described everything is very clearly..i got a lot from this article..thanks! website hosting service provider