[aklug] Re: A virtual server inside a virtual server

From: Arthur Corliss <acorliss@nevaeh-linux.org>
Date: Wed May 27 2009 - 09:02:37 AKDT

On Wed, 27 May 2009, Damien Hull wrote:

> Thanks for the suggestion... I'm now running Zimbra with SSL on port 2032. Don't know why I didn't think of this myself. I did get burned once changing the postfix configs. That's a different story... Anyway, it works.

I think some clarity is required. If by "services" you meant SSL-enabled
protocols, like HTTPS, SMTP w/TLS, etc., then my suggestion isn't a
suggestion -- port separation is there by default. SMTP, for instance,
still uses port 25 with TLS, it just initiates the encrypted session via
plain text commands.

But, if you say "services" when you mean "virtual domain hosting with a
separate cert per domain", then port separation is an option. But, if your
service supports TLS rather than just SSL, the requisite certificate can be
negotiated if your application/protocol supports it. I think Mike Barsalou
was experimenting with this at one point w/apache. I don't know if he got
it working, I do recall he found that the necessary TLS extensions weren't
enabled in OpenSSL by default until a fairly recent version.

         --Arthur Corliss
           Live Free or Die
Received on Wed May 27 09:02:48 2009