Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In with OpenID
Advertise on LowEndTalk.com

In this Discussion

Why Waste Dedicated ip for SSL?

Why Waste Dedicated ip for SSL?

TazTaz Disabled
edited July 2012 in General

A thought just came into my mind. Why waste ipv4 on SSL when you can install them on a shared ip?

Time is good and also bad. Life is short and that is sad. Dont worry be happy thats my style. No matter what happens i won't lose my smile!

Comments

  • MrAndroidMrAndroid Member
    edited July 2012

    Because

    The SSL layer starts before the HTTP layer, therefore the HOST field is not passed until after the certificate is sent, that means the HTTP SSL server does not know what certificate to send.

    Therefore it relies on the IP to know what certificate to send, and hence while using a wildcard you can use multiple domains on one IP because it will just send the wildcard for all of them.

    There is a version of SSL that fixes this issue by passing the host on the SSL layer, but it is not widely supported.

    The Original Daniel.

  • yomeroyomero Member

    @MrLawoodle said: There is a version of SSL that fixes this issue by passing the host on the SSL layer, but it is not widely supported.

  • MrAndroidMrAndroid Member
    edited July 2012

    @yomero said: @MrLawoodle said: There is a version of SSL that fixes this issue by passing the host on the SSL layer, but it is not widely supported.

    http://en.wikipedia.org/wiki/Server_Name_Indication

    I tried to explain it as simple as possible.

    The Original Daniel.

  • TazTaz Disabled

    @MrLawoodle good point.

    Time is good and also bad. Life is short and that is sad. Dont worry be happy thats my style. No matter what happens i won't lose my smile!

  • yomeroyomero Member

    @MrLawoodle said: tried to explain it as simple as possible.

    Yes, was an "x2" answer

    And Win XP will be around for some years

  • happelhappel Member

    People really should stop using windows xp. It's Rediculously old!

    Thanked by 1u4ia
  • yomeroyomero Member

    @happel said: People really should stop using windows xp. It's Rediculously old!

    And ridiculously good.

    Thanked by 2DimeCadmium Roph
  • @happel said: People really should stop using windows xp. It's Rediculously old!

    Not sure how "it's old" is a reason to stop using it. Software doesn't rot over time.

    Appreciate my posts/software/guides? Donate (PayPal/Flattr/Bitcoin): http://cryto.net/~joepie91/donate.html | irc.freenode.net #lowendbox

  • JarJar Member

    It took them so long to make XP stable no one wants to go through it again.

  • ZenZen Member

    People should stop using Linux, its ridiculously old!

    People should stop using Cars, they're ridiculously old!

    People should stop using Jets, they're ridiculously old!

    lalalala..logic!

    I work for Nodisto.

  • @WhiteLabelHosting Is alive? 0_o

    [email protected]
  • @WhiteLabelHosting said: People should stop using Jets, they're ridiculously old!

    Don't forget breathing! People should stop breathing because you can die from oxygen poisoning!

    Catalyst Host - Pie Approved!
  • @WhiteLabelHosting I think they mean "outdated"

    I still think XP is great, I know loads of companies who use on workstations it because it's pretty stable.

  • ZenZen Member
    edited July 2012

    I work for Nodisto.

  • IMHO, XP SP3 was arguably one of the best OS's that M$ was ever able to make (actually, I think WIN2K desktop was even better in terms of resource usage and stability, but didn't have the automatic device recognition of XP).

    An nLite'd XP SP3 running as VM on top of a "real" OS (even on a laptop) is pretty good!

    Don't forget how many people would request (and I believe have to pay for) the XP "downgrade" on PCs due to Vista.

     

  • RaymiiRaymii Member

    Wasn't this discussion about SSL and IP's?

    Quis custodiet ipsos custodes?
    https://raymii.org - https://cipherli.st
  • jcalebjcaleb Moderator

    XP is the best among desktop WIndows right now. Stable and low on resources.

    Twitter Bootstrap Themes for your software projects. I recommend Prometeus and Catalyst Host

  • yomeroyomero Member
    edited July 2012

    @Raymii said: Wasn't this discussion about SSL and IP's?

    Yes, and about how XP doesn't support SNI

  • TazTaz Disabled

    @Raymii typical Let, nothing new.

    Time is good and also bad. Life is short and that is sad. Dont worry be happy thats my style. No matter what happens i won't lose my smile!

  • @Raymii said: Wasn't this discussion about SSL and IP's?

    Yes, but this is LET.

    Looking for support, sysadmin, etc. work: PM
    Working on VPSM
  • rm_rm_ Member

    So I decided I'd try SNI and went to get a free cert from StartSSL. However their login page directs me to https://auth.startssl.com/ which doesn't even load with ... an SSL error, lawl. Anyone else can access it?

  • HalfEatenPieHalfEatenPie Member
    edited July 2012

    @rm_: You need your authentication certificate on your browser (which is how they verify you for your account). This can be made using the registration button :P

    Try using this link dude: https://www.startssl.com/?app=12

    Catalyst Host - Pie Approved!
    Thanked by 2rm_ AsadHaider
  • yomeroyomero Member

    @HalfEatenPie said: This can be made using the registration button :P

    Exactly

  • RaymiiRaymii Member
    edited July 2012

    My SSL is from http://sslcertificaten.nl: https://raymii.org (and in runs clustered on 8 nodes hehe, so i'm wasting 8 IP's!)

    Quis custodiet ipsos custodes?
    https://raymii.org - https://cipherli.st
  • gianggiang Member

    @rm_ said: So I decided I'd try SNI and went to get a free cert from StartSSL. However their login page directs me to https://auth.startssl.com/ which doesn't even load with ... an SSL error, lawl. Anyone else can access it?

    Well, this has been discussed in many topics, StartSSL doesn't support Google Chrome, best browser to access their website is Firefox, and you have to install personal certification from StartSSL first ;)

  • @giang We try to let them figure out how much StartSSL sucks on their own. It won't take long..

  • @jcaleb said: XP is the best among desktop WIndows right now. Stable and low on resources.

    Low on security too.

    The Original Daniel.

  • TazTaz Disabled

    @Asadhaider come on, it is FREE! You do not complain about something that you are not paying for.

    Any way, awesome detailing going on. Carry on!

    Time is good and also bad. Life is short and that is sad. Dont worry be happy thats my style. No matter what happens i won't lose my smile!

Sign In or Register to comment.