Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Why Waste Dedicated ip for SSL?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Why Waste Dedicated ip for SSL?

TazTaz Member
edited July 2012 in General

A thought just came into my mind. Why waste ipv4 on SSL when you can install them on a shared ip?

Comments

  • MrAndroidMrAndroid Member
    edited July 2012

    Because

    The SSL layer starts before the HTTP layer, therefore the HOST field is not passed until after the certificate is sent, that means the HTTP SSL server does not know what certificate to send.

    Therefore it relies on the IP to know what certificate to send, and hence while using a wildcard you can use multiple domains on one IP because it will just send the wildcard for all of them.

    There is a version of SSL that fixes this issue by passing the host on the SSL layer, but it is not widely supported.

  • yomeroyomero Member

    @MrLawoodle said: There is a version of SSL that fixes this issue by passing the host on the SSL layer, but it is not widely supported.

  • MrAndroidMrAndroid Member
    edited July 2012

    @yomero said: @MrLawoodle said: There is a version of SSL that fixes this issue by passing the host on the SSL layer, but it is not widely supported.

    http://en.wikipedia.org/wiki/Server_Name_Indication

    I tried to explain it as simple as possible.

  • TazTaz Member

    @MrLawoodle good point.

  • yomeroyomero Member

    @MrLawoodle said: tried to explain it as simple as possible.

    Yes, was an "x2" answer

    And Win XP will be around for some years

  • happelhappel Member

    People really should stop using windows xp. It's Rediculously old!

    Thanked by 1u4ia
  • yomeroyomero Member

    @happel said: People really should stop using windows xp. It's Rediculously old!

    And ridiculously good.

    Thanked by 2DimeCadmium Roph
  • joepie91joepie91 Member, Patron Provider

    @happel said: People really should stop using windows xp. It's Rediculously old!

    Not sure how "it's old" is a reason to stop using it. Software doesn't rot over time.

  • jarjar Patron Provider, Top Host, Veteran

    It took them so long to make XP stable no one wants to go through it again.

  • @WhiteLabelHosting Is alive? 0_o

  • @WhiteLabelHosting said: People should stop using Jets, they're ridiculously old!

    Don't forget breathing! People should stop breathing because you can die from oxygen poisoning!

  • AsadAsad Member

    @WhiteLabelHosting I think they mean "outdated"

    I still think XP is great, I know loads of companies who use on workstations it because it's pretty stable.

  • IMHO, XP SP3 was arguably one of the best OS's that M$ was ever able to make (actually, I think WIN2K desktop was even better in terms of resource usage and stability, but didn't have the automatic device recognition of XP).

    An nLite'd XP SP3 running as VM on top of a "real" OS (even on a laptop) is pretty good!

    Don't forget how many people would request (and I believe have to pay for) the XP "downgrade" on PCs due to Vista.

  • RaymiiRaymii Member

    Wasn't this discussion about SSL and IP's?

  • jcalebjcaleb Member

    XP is the best among desktop WIndows right now. Stable and low on resources.

  • yomeroyomero Member
    edited July 2012

    @Raymii said: Wasn't this discussion about SSL and IP's?

    Yes, and about how XP doesn't support SNI

  • TazTaz Member

    @Raymii typical Let, nothing new.

  • @Raymii said: Wasn't this discussion about SSL and IP's?

    Yes, but this is LET.

  • rm_rm_ IPv6 Advocate, Veteran

    So I decided I'd try SNI and went to get a free cert from StartSSL.
    However their login page directs me to https://auth.startssl.com/
    which doesn't even load with ... an SSL error, lawl. Anyone else can access it?

  • HalfEatenPieHalfEatenPie Veteran
    edited July 2012

    @rm_: You need your authentication certificate on your browser (which is how they verify you for your account). This can be made using the registration button :P

    Try using this link dude: https://www.startssl.com/?app=12

    Thanked by 2rm_ Asad
  • yomeroyomero Member

    @HalfEatenPie said: This can be made using the registration button :P

    Exactly

  • RaymiiRaymii Member
    edited July 2012

    My SSL is from http://sslcertificaten.nl: https://raymii.org (and in runs clustered on 8 nodes hehe, so i'm wasting 8 IP's!)

  • gianggiang Veteran

    @rm_ said: So I decided I'd try SNI and went to get a free cert from StartSSL.

    However their login page directs me to https://auth.startssl.com/
    which doesn't even load with ... an SSL error, lawl. Anyone else can access it?

    Well, this has been discussed in many topics, StartSSL doesn't support Google Chrome, best browser to access their website is Firefox, and you have to install personal certification from StartSSL first ;)

  • AsadAsad Member

    @giang We try to let them figure out how much StartSSL sucks on their own. It won't take long..

  • @jcaleb said: XP is the best among desktop WIndows right now. Stable and low on resources.

    Low on security too.

  • TazTaz Member

    @Asadhaider come on, it is FREE! You do not complain about something that you are not paying for.

    Any way, awesome detailing going on. Carry on!

Sign In or Register to comment.