Is SSL possible with virtual hosting on one IP?
An upvoted SO answer claims:
[SSL] breaks name based virtual hosting. With SSL, it's one site - one IP address.
开发者_JAVA技巧
Is that true? Does shared hosting that offers SSL certificates lease whole IP ranges?
With SSL, the server is always authenticated before application data is sent. The "Host" header of the HTTP request is application data. So, in general, you can't use HTTPS with virtual hosting.
However, if one party controls all of the sites that are hosted virtually, a single certificate can be created that lists all of the virtual host names in the "subject alternative name" extension. To emphasize, since there is only one key pair, a single private key is used to authenticate all of the hosts. This key should be controlled by a single owner.
Alternatively, Sripathi Krishnan pointed out that there is a TLS extension (currently specified in RFC 6066) that allows the browser to hint to the server which server certificate to present before the first handshake is completed. However, this extension is not universally supported.
If you look at A2Hosting SSL services, they require you to have a dedicated IP address besides shared hosting and that's it. So yes, as long as you maintain a dedicated IP address you can obtain an ssl certificate.
http://www.a2hosting.com/services/ssl-hosting
精彩评论