The PC Builder, The Gamer, The Developer
Technology
LAMP Thursday – SNI
Nov 18th
Recently, my company decided to point two different domain names at the same web server with two separate SSL certificates. Normally, Apache can handle such requests as long as certain requirements are met. These requirements include:
- Having each domain name point to 2 different IP addresses on the same computer. This also requires having two different network cards on the same computer.
Listen 80 <VirtualHost 172.20.30.40> DocumentRoot /www/example1 ServerName www.example1.com </VirtualHost> <VirtualHost 172.20.30.50> DocumentRoot /www/example2 ServerName www.example2.org </VirtualHost> - Having each domain point to the same IP, but to different ports (for instance, 80 and 8080).
Listen 80 Listen 8080 NameVirtualHost 172.20.30.40:80 NameVirtualHost 172.20.30.40:8080 <VirtualHost 172.20.30.40:80> ServerName www.example1.com DocumentRoot /www/domain-80 </VirtualHost> <VirtualHost 172.20.30.40:8080> ServerName www.example2.com DocumentRoot /www/domain-8080 </VirtualHost> - SNI or Server Name Indication [SNI]
You can obviously rock a wiki on this term (I even gave you the link above), but I’ll at least point out here a small definition and the application of SNI to our server. Server Name Indication is the ability of the server and client to map two separate domain names with two different SSL certificates to the same IP address on the same port (i.e. IP address 192.168.1.100, port 443).
Normally, this situation wreaks havoc on web servers, and they are forced to ignore the separation and serve up the first SSL certificate it sees in a configuration file. However, if you navigate to the domain that does not match that default certificate, the browser will give you an SSL error (see below).
When Apache released their HTTP Server version 2.2.12, the software auto-corrected this issue, but it takes a while for browsers, especially old and unsupported ones, to catch up, if they ever do. KDE Konqueror, IE on Windows XP, Safari on Windows XP, Windows Mobile older than 6.5, and namely Blackberry browser (all versions) suffer from this issue.
The main concern for my company is Blackberry Browser, as we have just started working on a mobile version of our website which uses the SSL certificates. Our only other option is to use #1 from the list above. This alternative is advantageous because it will also provide some redundancy to our system, as well.
It took me a little while to research this on the Internet, even in our Google-infested day and age. I hope this helps anyone with a similar issue, or even anyone just looking to learn more about Apache.
Cheers!
A New Agenda – Daily Tech Updates
Nov 18th
After much consideration, I want to reboot this blog into something I update daily with small fun facts or little hints for anything technology, since that is my specialty. My hope is that you can at least find one day out of the week you might want to read it (see Monday’s topic, for instance), and so enrich your life with my ramblings. Here’s the schedule (not set in stone, but I wanted to at least start to formulate a plan for this):
- Monday – Automation in Daily Life
Information about simply making life easier. From setting up your webcam at home as a security camera to using your phone as a remote to your TV. - Tuesday – “Doubleshot” Tips
It’s your (and my) chance to shout out technology tips to people. If you got any, send them my way, and I’ll post 2 of the best ones. [syardumi at gmail dot com] - Wednesday – Mobile Devices & News of the Week
I know everyone has something to say about their favorite mobile device whether it be iPhone, Droid, Blackberry, or other, if you don’t prefer the popular devices. This is also a blerb about any BIG news of the week that needs discussion. - Thursday – LAMP Server
This could be a bit advanced for a few, but if it’s your cup of tea, you won’t be disappointed. LAMP Server (or Linux, Apache, MySql, PHP Server) is the term used to describe a server built on a Linux operating system using Apache Webserver, MySql Database, and PHP Scripting. In layman’s terms, a server used to host a website or any other information for the entire Internet . I’m hoping to show some tidbits on the entire range of those 4 items. - Friday – Computer Building
A big passion of mine is building computers, as it is with many tech junkies out there. Keeping up with the latest and greatest hardware can be at least difficult, if not daunting. This day will try to make sense of the constantly changing hardware world in which we live. - Saturday/Sunday – Anything We Want!
It’s a free-for-all! Anything we want to talk about is on the table. It’s a chance to catch up on the week’s happenings, or just talk about how awesome Big Bang Theory was last week.
So, let me deviate from the schedule and start today, “LAMP-day”, with News of the Week followed by a useful LAMP tip.
Apple announced on Tuesday at 10AM EST that The Beatles are now on iTunes! If you hadn’t already decided that they sound better on vinyl, you are in luck. The Abbey Road Four came to iTunes just in time for Apple to make a whole lot of cash before the year closes. From Gizmodo:
It’s the Beatles Box Set which is the big one. With 256 songs, documentaries, and other videos (including their first-ever US concert), it costs $150, which must be the priciest purchase on iTunes. Other albums, including Help!, Abbey Road, and my favorite the Magical Mystery Tour, cost $12.99, with the songs available for individual purchase at $1.29 each.
AT&T has caught up with the rest of the mobile carriers, and now offers a Mifi for getting your Internet anywhere…well anywhere they have a cell tower. And by judging by my iPhone reception, this idea is a day late and
[AT&T]
The Kinect, Microsoft’s new “controller” for Xbox 360, was hacked this week. For an informative article on how to hack it yourself, check this out: [Hack Kinect]
Since this post has gotten long already, I’ll post up Thursday’s LAMP fact in a couple hours. Stay tuned.
