Resolve a many-SSL-to-one IP for clients browsers that doesn't support SNI

Posted by Emile on Server Fault See other posts from Server Fault or by Emile
Published on 2011-03-08T22:53:55Z Indexed on 2011/03/09 0:12 UTC
Read the original article Hit count: 549

Filed under:
|
|
|
|

Whoa, acronyms :) So according to this question you can have multiple SSL subdomains on one IP address as long as your server supports TLS (which Apache 2.2x does).

Another answer to that question points out that the client browser must have SNI support to work, which IE doesn't have on Windows XP. So, what happens to people with that browser is a warning message saying that the SSL cert doesn't match the domain.

Can one resolve this issue for those client browsers without SNI support? Does a wildcard (for subdomains) do the trick? Are there other (cheaper) options?

© Server Fault or respective owner

Related posts about linux

Related posts about apache