<HTML><BODY style="word-wrap: break-word; -khtml-nbsp-mode: space; -khtml-line-break: after-white-space; ">Um, not really. In order for the wildcard cert e.g. *.mydomain.com to work, all the sites have to be on subdomains like site1.mydomain.com, site2.mydomain.com, etc. It doesn't matter if the sites are on virtual hosts or not. Serving the cert on anything that doesn't end with "mydomain.com" will activate a pop-up.<DIV><BR class="khtml-block-placeholder"></DIV><DIV>For single-domain certificates, yes, you have to have each domain on a separate IP address.</DIV><DIV><BR class="khtml-block-placeholder"></DIV><DIV>Jovca<DIV><DIV> <SPAN class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px 0px; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; text-align: auto; -khtml-text-decorations-in-effect: none; text-indent: 0px; -apple-text-size-adjust: auto; text-transform: none; orphans: 2; white-space: normal; widows: 2; word-spacing: 0px; "><DIV>_________________________________</DIV><DIV>Slobodan Jovcic</DIV><DIV>Teaching Enhancement Center</DIV><DIV>Office of Instructional Development, UCLA</DIV><DIV>(310) 794 2099</DIV><DIV><BR class="khtml-block-placeholder"></DIV><BR class="Apple-interchange-newline"></SPAN> </DIV><BR><DIV><DIV>On Jan 24, 2006, at 9:31 AM, michael nt milne wrote:</DIV><BR class="Apple-interchange-newline"><BLOCKQUOTE type="cite">ok, they're not technically subdomains but full domains in their own right but served from a single server which has its own domain. Would a wild card work with that? Would the pop-ups still be present when a user enters the site? <BR><BR><DIV><SPAN class="gmail_quote">On 1/24/06, <B class="gmail_sendername">Slobodan Jovcic</B> <<A href="mailto:jovca@oid.ucla.edu">jovca@oid.ucla.edu</A>> wrote:</SPAN><BLOCKQUOTE class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"> Use a wildcard certificate, if all of your subdomains on the server<BR>belong to a single domain.<BR><BR>> Hi<BR>><BR>> I've got a few Plone sites set-up using Apache through Zope. The<BR>> question is, I'd like to implement SSL on the site login etc, as <BR>> it's not secure without this. There's also one site I'd like to<BR>> serve completely over https. However. I'm told that you can't run<BR>> SSL on virtual hosts and can only have once SSL site per IP address. <BR>><BR>> What would be the way round this? I know I could set-up SSL on Zope<BR>> only using the following documentation:<BR>><BR>> <A href="http://www.zope.org/Members/Ioan/ZopeSSL">http://www.zope.org/Members/Ioan/ZopeSSL </A><BR>><BR>> but if I can't carry this through to Apache then I'd have to run<BR>> Zope as the web server as well as the application server.<BR>><BR>> Thanks<BR>><BR>> Michael<BR><BR>_________________________________ <BR>Slobodan Jovcic<BR>Teaching Enhancement Center<BR>Office of Instructional Development, UCLA<BR>(310) 794 2099<BR><BR><BR><BR>_______________________________________________<BR>Zope maillist - <A href="mailto:Zope@zope.org"> Zope@zope.org</A><BR><A href="http://mail.zope.org/mailman/listinfo/zope">http://mail.zope.org/mailman/listinfo/zope</A><BR>** No cross posts or HTML encoding! **<BR>(Related lists -<BR> <A href="http://mail.zope.org/mailman/listinfo/zope-announce"> http://mail.zope.org/mailman/listinfo/zope-announce</A><BR> <A href="http://mail.zope.org/mailman/listinfo/zope-dev">http://mail.zope.org/mailman/listinfo/zope-dev</A> )<BR></BLOCKQUOTE></DIV><BR></BLOCKQUOTE></DIV><BR></DIV></DIV></BODY></HTML>