Multiple ssl vhosts.

Nuno Magalhães nunomagalhaes at
Mon Sep 28 14:56:25 MSD 2009


Yeah i had read that before and a similar one here [1], but what bugs
me is the browser support for SSLv3/TLS SNI:
    * Mozilla Firefox 2.0 or later
    * Opera 8.0 or later (the TLS 1.1 protocol must be enabled)
    * Internet Explorer 7 (Vista, not XP) or later
    * Google Chrome (Vista, not XP)
    * Safari 3.2.1 Mac OS X 10.5.6

I doubt anyone still uses FF 2.0, but the others will cause problems.
I'd like to avoid relying on browser compatibility, hence my post. I
don't want to use one general cert for multiple sites, i want one cert
per site; and no wildcard [2].

So, do i have to use mutiple ssl ports? And if yes, should/scould i
just rewrite them out or would the users running IE6 or 7 on XP have
to see instead? Could i have nginx remap
:998877 to :433 (i.e. omitting it) once the session had been


()  ascii-rubanda kampajno - kontraŭ html-a retpoŝto
/\  ascii ribbon campaign - against html e-mail

More information about the nginx mailing list