you can't use them unless you have a dedicated IP.
So namecheap gets the benefit of the marketing buzz, but doesn't have to actually deliver anything in most cases (assuming that most people are on shared hosting). I'd bet5 that a CSR gets rejected out of hand by Comodo.
Namecheap could have said right on their offer: this ONLY works with a dedicated IP
Oh well, time wasted... but I did discover that OpenSSL client mode does work on %%$# Vista.
Full Version: no wonder certs are free
You can get a dedicated IP on shared hosting for $2/month.
thanks for that info. I was only fooling around with the cert, for no particular reason (except being free... hehe). I'd done that with dyndns. But if I ever *need* it I guess it's not that expensive.
It seems, though, there should be a way to have a cert without a unique IP. I realize the problem is this: when your browser connects to the host, the client and server negotiate the encrypted connection before the server knows what virtual host you want.
But there must be a way to establish the initial TLS link and then hand off to a virtual host. You've already got the symmetric key having been created and exchanged. The server would then only have to get the auth chain from the virtual host's cert. I'd suppose you'd have to figure that all virtual hosts at the same IP would need to work off the same cipher suite.
Well, just thinking out loud... I suppose there's not much demand for that and so nobody is developing it.
It seems, though, there should be a way to have a cert without a unique IP. I realize the problem is this: when your browser connects to the host, the client and server negotiate the encrypted connection before the server knows what virtual host you want.
But there must be a way to establish the initial TLS link and then hand off to a virtual host. You've already got the symmetric key having been created and exchanged. The server would then only have to get the auth chain from the virtual host's cert. I'd suppose you'd have to figure that all virtual hosts at the same IP would need to work off the same cipher suite.
Well, just thinking out loud... I suppose there's not much demand for that and so nobody is developing it.
I think you need to have a reason for a dedicated IP, though, as Tim and ASO get them from GNAX and all data centres try to minimise the number of IPs they hand out delay the inevitable point where we run out if IPv4 addresses.
As for virtual hosting, I've been reading about SSL on Lighttpd recently (and Apache replacement) and apparently it is possible with a special certificate type
As for virtual hosting, I've been reading about SSL on Lighttpd recently (and Apache replacement) and apparently it is possible with a special certificate type
QUOTE (IBBoard @ Sep 5 2008, 2:09 PM) 
As for virtual hosting, I've been reading about SSL on Lighttpd recently (and Apache replacement) and apparently it is possible with a special certificate type
I'd also encountered a bit of something yesterday about shared hosting with SSL, but the catch was that it was insecure somehow. I didn't delve much into it.
Note that this is with Apache, and it seems you might be able to do it yourself:
http://www.virtualmin.com/forums/virtualmi...rtualhosts.html
Admin there says: "This has been discussed numerous times in the forums. Basically, we're not going to stop you from doing it wrong...but we're not going to help either. ;-)"
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.