[aklug] Re: A virtual server inside a virtual server

From: Damien Hull <damien@linuxninjas.tv>
Date: Wed May 27 2009 - 09:52:36 AKDT

In my case port separation is all I need. For now anyway. I'm running Zimbra and Apache on the same server. Port 443 was taken by Zimbra. Now that Zimbra is listening on another port I can configure Apache to use SSL with the default port.

1. Wasn't sure I could change the port number in Zimbra
2. OpenVZ offers lots more options assuming it works - don't think it will
3. Your solution is easy and it works...

----- Original Message -----
From: "Arthur Corliss" <acorliss@nevaeh-linux.org>
To: "Damien Hull" <damien@linuxninjas.tv>
Cc: aklug@aklug.org
Sent: Wednesday, May 27, 2009 9:02:37 AM GMT -09:00 Alaska
Subject: Re: [aklug] Re: A virtual server inside a virtual server

On Wed, 27 May 2009, Damien Hull wrote:

> Thanks for the suggestion... I'm now running Zimbra with SSL on port 2032. Don't know why I didn't think of this myself. I did get burned once changing the postfix configs. That's a different story... Anyway, it works.

I think some clarity is required. If by "services" you meant SSL-enabled
protocols, like HTTPS, SMTP w/TLS, etc., then my suggestion isn't a
suggestion -- port separation is there by default. SMTP, for instance,
still uses port 25 with TLS, it just initiates the encrypted session via
plain text commands.

But, if you say "services" when you mean "virtual domain hosting with a
separate cert per domain", then port separation is an option. But, if your
service supports TLS rather than just SSL, the requisite certificate can be
negotiated if your application/protocol supports it. I think Mike Barsalou
was experimenting with this at one point w/apache. I don't know if he got
it working, I do recall he found that the necessary TLS extensions weren't
enabled in OpenSSL by default until a fairly recent version.

         --Arthur Corliss
           Live Free or Die

-- 
Damien Hull
Linux Ninja
Open Source Assassin
http://linuxninjas.tv
http://elite.linuxninjas.tv
http://www.digital-overload.net
Received on Wed May 27 09:52:51 2009

This archive was generated by hypermail 2.1.8 : Wed May 27 2009 - 09:52:51 AKDT
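
An added example, not part of the original thread: the per-domain certificate negotiation mentioned above relies on the client naming the host in its first TLS message, before any certificate is sent. This sketch assumes the extension meant is Server Name Indication (SNI); the hostnames and certificate paths are constructed placeholders.

```python
import ssl
import struct

# Hypothetical mapping: one listening port (443), one certificate per hostname.
CERTS = {"mail.example.org": "/etc/ssl/mail.pem", "www.example.org": "/etc/ssl/www.pem"}
DEFAULT_CERT = "/etc/ssl/default.pem"  # served to clients that send no server name

def build_client_hello(hostname):
    """Return the raw first flight a Python TLS client emits (no network used)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    if hostname is None:
        ctx.check_hostname = False  # permits a hello with no server name at all
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    conn = ctx.wrap_bio(incoming, outgoing, server_hostname=hostname)
    try:
        conn.do_handshake()
    except ssl.SSLWantReadError:
        pass  # expected: the client now waits for a ServerHello
    return outgoing.read()

def client_hello_sni(record):
    """Return the host name from the server_name extension (type 0), or None."""
    if len(record) < 9 or record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a TLS handshake record carrying a ClientHello")
    body = record[5:5 + struct.unpack("!H", record[3:5])[0]]
    try:
        pos = 4 + 2 + 32                    # handshake header, version, random
        pos += 1 + body[pos]                # session_id
        pos += 2 + struct.unpack("!H", body[pos:pos + 2])[0]  # cipher_suites
        pos += 1 + body[pos]                # compression_methods
        if pos + 2 > len(body):
            return None                     # old-style hello with no extensions
        end = pos + 2 + struct.unpack("!H", body[pos:pos + 2])[0]
        pos += 2
        while pos + 4 <= min(end, len(body)):
            ext_type, ext_len = struct.unpack("!HH", body[pos:pos + 4])
            data = body[pos + 4:pos + 4 + ext_len]
            if ext_type == 0 and len(data) >= 5 and data[2] == 0:  # host_name
                name_len = struct.unpack("!H", data[3:5])[0]
                return data[5:5 + name_len].decode("ascii")
            pos += 4 + ext_len
    except (IndexError, struct.error):
        raise ValueError("truncated ClientHello")
    return None

def pick_certificate(record):
    """Choose the certificate a name-based TLS virtual host would present."""
    return CERTS.get(client_hello_sni(record), DEFAULT_CERT)

if __name__ == "__main__":
    for host in ("mail.example.org", "www.example.org", None):
        print(host, "->", pick_certificate(build_client_hello(host)))
```

The server name travels in cleartext in the ClientHello, so a client or TLS library without the extension falls through to the default certificate, which is the case where separate ports or addresses are still needed.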