Annoyances


Sorry for being re-miss with the blogging lately. I’ve been hardcore into Rocking the ’80s lately.

As I mentioned a while ago, I moved the hosts http://www.hejweca.org and http://www.intotheweeds.com to a virtual server co-located somewhere at Andy’s roadkill.com. And that’s pretty awesome. But, I still use my server at home for webmail.hejweca.org and mail.hejweca.org, and some other things — including a WebDAV server for sharing iCal calendar data. Unfortunately, a few months ago my self-signed SSL certificate expired, and I’ve been too lazy to regenerate one.

The problem is, of course, that the server only has one IP address to the outside (it’s on a cable modem), and so uses name-based virtual hosting in apache. I’d have to say that one of the greatest annoyances in the world is that name-based virtual hosting does not work with SSL. That is to say, since webmail.hejweca.org, mail.hejweca.org and calendar.hejweca.org all share the same IP address and are separated into virtual hosts by name only, I can’t have different SSL certificates for each vhost. This is a problem, because, as we all know, SSL certificates are tied to the name of the server you’re going to. So, if you go to https://webmail.hejweca.org in your browser, you’d get a nasty warning that the certificate belongs to some other name. Anyway, it’s a pisser because I’m trying to fix the SSL WebDAV server. Maybe I’ll try to make it authenticated access internal-only, and not use SSL at all. Bah, that’s nasty. Yes, I know why the problem exists; and that it really can’t be fixed without re-jiggering the SSL protocol and the HTTP protocol in potentially dangerous and nasty ways, but maybe someone, somehow, somewhere is working on it.

And while I’m on the topic of general annoyances, why does Sun’s patching system for Solaris have to suck so much? And, for that matter, why does Sun’s package management system (if you can call it that) for Solaris suck so much too? And also, why are plane tickets so damn expensive these days? $350/person to go to Chicago? Give me a break!

  1. #1 by Mark J. on August 5, 2007 - 2:22 pm

    Ben,
    Not sure if your cable company will do this, but Mediacom here will give you a second or third IP for $5/month each. I used to have two. I had a switch first in line from the modem and then two routers, each with its own outside IP. Worked like a charm.