[Zope3-dev] Re: Other (than GET and POST) HTTP Methods
Barry Pederson
barryp@medicine.nodak.edu
Thu, 09 Jan 2003 17:21:27 -0600
Paul Everitt wrote:
>
> Shane's suggestion is really brilliant. Only one downside (presuming
> the virtual host means x1.y.z and x2.y.z, and not x.y.z/1 and x.y.z/2,
> as Chris suggested below).
>
> If you change the hostname, you have to buy a different SSL certificate
> if you want both the rendered site and source site to be secure.
I don't believe you can do name-based virtual hosting with SSL since you'd
need to know the name in the request before you knew what key to use to
decrypt the request - kind of a catch-22. You'd have to use IP-based virtual
hosting.
I'd think for source access, most places would get along fine with a
self-signed certificate - it'd be kind of silly to pony up $150+/year just so
your developers aren't not bothered with a one-time dialog box saying the
site is using an untrusted cert.
Barry