Note that with wildcard certs, or serverAltName certs, no special

workarounds are needed. (viz https://issues.apache.org/bugzilla/show_bug.cgi?id=51746 )


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1296919 13f79535-47bb-0310-9956-ffa450edef68

1 files changed, 10 insertions, 0 deletions

diff --git a/docs/manual/ssl/ssl_faq.xml b/docs/manual/ssl/ssl_faq.xml
index 8fa2ce3bbe..96d0938c98 100644
--- a/docs/manual/ssl/ssl_faq.xml
+++ b/docs/manual/ssl/ssl_faq.xml
@@ -607,6 +607,11 @@ error when connecting to my newly installed server?</title>
     handshake is finished, but the information is needed in order to
     complete the SSL handshake phase. See the next question for how to
     circumvent this issue.</p>
+    
+    <p>Note that if you have a wildcard SSL certificate, or a
+    certificate that has multple hostnames on it using subjectAltName
+    fields, you can use SSL on name-based virtual hosts without further
+    workarounds.</p>
 </section>
 
 <section id="vhosts2"><title>Is it possible to use Name-Based
@@ -622,6 +627,11 @@ Virtual Hosting to identify different SSL virtual hosts?</title>
     feature that only the most recent revisions of the SSL
     specification added, called Server Name Indication (SNI).</p>
 
+    <p>Note that if you have a wildcard SSL certificate, or a
+    certificate that has multple hostnames on it using subjectAltName
+    fields, you can use SSL on name-based virtual hosts without further
+    workarounds.</p>
+
     <p>The reason is that the SSL protocol is a separate layer which
     encapsulates the HTTP protocol. So the SSL session is a separate
     transaction, that takes place before the HTTP session has begun.