Crispin,

That depends on your internal network and DNS. You can actually use
dynamic DNS to route the public traffic to private IPs on the server.
The case in point assumes that the iSeries is Internet facing. With
firewalls and DNS, you can route the traffic to an internal IP, and
translate SSL traffic to specific ports on the firewall.

Tom Armbruster

-----Original Message-----
From: web400-bounces@xxxxxxxxxxxx [mailto:web400-bounces@xxxxxxxxxxxx]
On Behalf Of Crispin Bates
Sent: Wednesday, December 19, 2007 10:28 AM
To: Web Enabling the AS400 / iSeries
Subject: Re: [WEB400] Does anyone know if this is valid in Apache

Matt,

Ok, so it's the IP/Port combination that can only support a single
certificate. I knew it was something like that (and our machine has only
one
public ip address, hence my confusion). Sorry I mispoke there.

But, in that case, what Mike was asking won't work, based on what you
stated, because he said - "With the key part being both listening on
:443."

Is that a correct statement?

Thanks,

Crispin.


----- Original Message -----
From: "Haas, Matt (CL Tech Sv)" <matt.haas@xxxxxxxxxxx>
To: "Web Enabling the AS400 / iSeries" <web400@xxxxxxxxxxxx>
Sent: Wednesday, December 19, 2007 1:20 PM
Subject: Re: [WEB400] Does anyone know if this is valid in Apache


That's never been true. You can have as many certificates as you need.
I
have 5 certificates on one machine but each certificate has to have a
unique combination of IP address and port because you can't do name
based
virtual hosting with SSL.

Matt

-----Original Message-----
From: web400-bounces@xxxxxxxxxxxx [mailto:web400-bounces@xxxxxxxxxxxx]
On
Behalf Of Crispin Bates
Sent: Wednesday, December 19, 2007 12:58 PM
To: Web Enabling the AS400 / iSeries
Subject: Re: [WEB400] Does anyone know if this is valid in Apache

Mike,

I'm pretty sure you can only have one certificate per machine. This
isn't
an
i5 thing either, iirc. I may be mistaken and proven wrong here, but
that's
what I remember...

Crispin.

----- Original Message -----
From: "Mike Cunningham" <mcunning@xxxxxxx>
To: "'Web Enabling the AS400 / iSeries'" <web400@xxxxxxxxxxxx>
Sent: Wednesday, December 19, 2007 12:49 PM
Subject: [WEB400] Does anyone know if this is valid in Apache


<VirtualHost 9.5.61.228:443>
ServerName www.SIS.org<http://www.SIS.org>
DocumentRoot /www/jkltest/earnings/
SSLEnable
SSLAppName QIBM_HTTP_SERVER_SIS
SSLClientAuth None
<Directory /www/jkltest/earnings>
Order Allow,Deny
Allow From all
Require valid-user
PasswdFile %%SYSTEM%%
UserID %%SERVER%%
AuthType Basic
AuthName "Projected Earnings"
</Directory>
Alias /earnings/ /www/jkltest/earnings/
</VirtualHost>


<VirtualHost 9.5.61.228:443>
ServerName www.EIS.org<http://www.EIS.org>
DocumentRoot /www/jkltest/earnings/
SSLEnable
SSLAppName QIBM_HTTP_SERVER_EIS
SSLClientAuth None
<Directory /www/jkltest/earnings>
Order Allow,Deny
Allow From all
Require valid-user
PasswdFile %%SYSTEM%%
UserID %%SERVER%%
AuthType Basic
AuthName "Projected Earnings"
</Directory>
Alias /earnings/ /www/jkltest/earnings/
</VirtualHost>


And have two different certificates. One for
www.SIS.org<http://www.SIS.org> attached to QIBM_HTTP_SERVER_SIS and
one
for www.EIS.org<http://www.EIS.org> attached to QIBM_HTTP_SERVER_EIS.

With the key part being both listening on :443.
--
This is the Web Enabling the AS400 / iSeries (WEB400) mailing list
To post a message email: WEB400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/web400.




--
This is the Web Enabling the AS400 / iSeries (WEB400) mailing list
To post a message email: WEB400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/web400.

--
This is the Web Enabling the AS400 / iSeries (WEB400) mailing list
To post a message email: WEB400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/web400.





As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.