Say I have an hosted application which allows the user to use their own domain name (company.com) to access it, and that application must be accessed over SSL, how do you go about our SSL certificate not being registered to their domain. Sure the connection will be safe but the browser will pop up a warning saying the certificate is invalid for this domain. I dont think this problem occur for sub domains (company.ourdomain.com), I think you can register a wildcarded SSL cert which means it would apply to *.domain.com. This allow you to use the subdomain as the account key over SSL. But what like the first example you want to you the whole domain? Many thanks, Kris. -- Posted via http://www.ruby-forum.com/.
Hi Kris, On 14 Feb 2006, at 09:04, Kris Leech wrote:> Say I have an hosted application which allows the user to use their > own > domain name (company.com) to access it, and that application must be > accessed over SSL, how do you go about our SSL certificate not being > registered to their domain. Sure the connection will be safe but the > browser will pop up a warning saying the certificate is invalid for > this > domain. > > I dont think this problem occur for sub domains > (company.ourdomain.com), > I think you can register a wildcarded SSL cert which means it would > apply to *.domain.com. This allow you to use the subdomain as the > account key over SSL. > > But what like the first example you want to you the whole domain?It''s not possible. You need their certificate on your server. There is another implication as well, you can''t use vhosts with SSL certificates. This is because the browser and server negotiate an encrypted connection *before* the browser tells the server which URL it wants to load. So you can only have one IP per certificate. Could you use *.yourgenericname.com, e.g. theircompanyname.yourgenericname.com? If not, the only way is to get them to give you a certificate pair. Jon
You could setup virtual hosts using IP and then you''ll be able to provide SSL for each of the domains. But instead of having a document root for each they all use the same document root. Essentially it will be multiple virtual ip hosts sharing the same document root. On Tue, February 14, 2006 9:04 am, Kris Leech wrote:> Say I have an hosted application which allows the user to use their own > domain name (company.com) to access it, and that application must be accessed over SSL, > how do you go about our SSL certificate not being registered to their domain. Sure the > connection will be safe but the browser will pop up a warning saying the certificate is > invalid for this domain. > > I dont think this problem occur for sub domains (company.ourdomain.com), > I think you can register a wildcarded SSL cert which means it would > apply to *.domain.com. This allow you to use the subdomain as the account key over SSL. > > But what like the first example you want to you the whole domain? > > > Many thanks, Kris. > > > -- > Posted via http://www.ruby-forum.com/. > _______________________________________________ > Rails mailing list > Rails@lists.rubyonrails.org > http://lists.rubyonrails.org/mailman/listinfo/rails > > >-- Website: http://www.mooktakim.com email: mma@mooktakim.com
How does basecamp handle it? One of the plans offers SSL and it uses subdomains. Do you think they bought a bundle of certs and just auto-create it on the fly? On 2/14/06, Md Mooktakim Ahmed <Mooktakim@hotmail.com> wrote:> You could setup virtual hosts using IP and then you''ll be able to provide SSL for each > of the domains. But instead of having a document root for each they all use the same > document root. > > Essentially it will be multiple virtual ip hosts sharing the same document root. > > On Tue, February 14, 2006 9:04 am, Kris Leech wrote: > > Say I have an hosted application which allows the user to use their own > > domain name (company.com) to access it, and that application must be accessed over SSL, > > how do you go about our SSL certificate not being registered to their domain. Sure the > > connection will be safe but the browser will pop up a warning saying the certificate is > > invalid for this domain. > > > > I dont think this problem occur for sub domains (company.ourdomain.com), > > I think you can register a wildcarded SSL cert which means it would > > apply to *.domain.com. This allow you to use the subdomain as the account key over SSL. > > > > But what like the first example you want to you the whole domain? > > > > > > Many thanks, Kris. > > > > > > -- > > Posted via http://www.ruby-forum.com/. > > _______________________________________________ > > Rails mailing list > > Rails@lists.rubyonrails.org > > http://lists.rubyonrails.org/mailman/listinfo/rails > > > > > > > > > -- > Website: http://www.mooktakim.com > email: mma@mooktakim.com > > _______________________________________________ > Rails mailing list > Rails@lists.rubyonrails.org > http://lists.rubyonrails.org/mailman/listinfo/rails >
On 2/14/06, Theodore Mills <twmills@gmail.com> wrote:> How does basecamp handle it? One of the plans offers SSL and it uses > subdomains. Do you think they bought a bundle of certs and just > auto-create it on the fly?Probably with a wildcard certificate. http://www.google.com/search?q=+wildcard+certificate -- Jonas Elfstr?m
Thanks for replies. As well as basecamp which uses the wildcard type certs there is shopify, which I dont think is open to the public yet, but it allows you to "bring your own domain". http://blog.jadedpixel.com/articles/2006/01/24/how-domains-work-in-shopify So I would guess that shopify, which is a hosted commerce application, is not run over SSL or the pages that are SSL are on the same domain. Any ideas? Cheers Kris. -- Posted via http://www.ruby-forum.com/.