10 Feb
2016
10 Feb
'16
5:05 p.m.
On Wed, 10 Feb 2016, at 16:10, Michael Stevens wrote:
On Wed, Feb 10, 2016 at 07:22:14AM +0000, Andy Smith
wrote:
If SNI is not an option (although Windows XP is well and truly EOL, it
is still a bit severe for a well trafficked website to intentionally
break support for it), SAN certificates are a viable option for serving
multiple HTTPS websites using a single IP address. They allow you to
have a single certificate that is valid for multiple (entirely
unrelated) hostnames. This option is used by a major CDN, so is known
to work at scale.
https://www.digicert.com/subject-alternative-name.htm (only because it
is the top result on Google)
https://en.wikipedia.org/wiki/SubjectAltName
Robert
If there is something I have forgotten to cover,
please do let us
know, either by replying here to to support(a)bitfolk.com.
I've been using multiple IPs for SSL. Does anyone who pays more
attention to these things know if SNI
(https://en.wikipedia.org/wiki/Server_Name_Indication) is a workable
alternative these days?