[Modules] mod_gnutls and domains without its settings
Davide Mirtillo
davide at ser-tec.org
Fri Aug 6 10:50:56 EDT 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Il 05/08/2010 21:15, Nikos Mavrogiannopoulos ha scritto:
> If I understand correctly you want to redirect https requests to http
> if the virtual host doesn't exist. You cannot do that, or more
> precisely you cannot do that before the user is presented with a
> certificate. Once the server knows that a virtual host doesn't exist
> the TLS connection has started, and thus will be completed using the
> default first certificate. The best thing you could do is to reject
> those clients completed (by having a default site that doesn't support
> any ciphersuites), or by redirecting after the handshake has been
> completed and the client has been presented with the default
> certificate.
>
> regards,
> Nikos
>
Thanks a lot for clearing this out for me. I will look into automating
the creation of https virtual hosts paired up with http ones.
- --
Davide Mirtillo
EV Network, Via Emilio Salgari 14/e
31056 Roncade (TV), Italy
Phone/Fax +390422798184 VAT IT02443090267
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAkxcIVAACgkQKhoNWaTioebOHACgzaf7XUNGZRjLoYepK6x0W9GU
UkcAoKOVwK6Yxne2+nlV/uurmCVC+e0o
=Nonc
-----END PGP SIGNATURE-----
More information about the Modules
mailing list