HTTPS and HTTP Servers with same IP?
-
I am started to learn about the basics of web hosting and site development and would like to host multiple websites on my home network. This would be for development purposes only. I currently host a Nextcloud server on my network with a lets encrypt certificate. As I understand it, you cannot host more than one secure site per IP address, but is it possible to host a secure and multiple non secure websites per public IP?
-
Using multiple secure sites on the same address requires SNI, so as long as you have clients that support SNI you can overload that way even with HTTPS.
I know HAProxy can key off SNI to select a different backend/cert for different hostnames, I think apache can as well but that's beyond the scope of pfSense. You'll need to post that to a forum specifically for your web server software.
-
What if I wanted one secure site and multiple non secure sites. Does that require SNI?
-
Secure is on 443, non-secure on port 80. The two would not interact.
-
you can host as many sites as you want on http on 1 ip address.ย To the limit of what the server your running it on can handle and the bandwidth you have.
-
I must not be understanding something here because I thought for sure I was running multiple https (443) sites on a single IP address.
http://s1.domain.com (main web site)
https://s1.domain.com (main web site)
https://s2.domain.com (web mail site)
https://s3.domain.com (Dynamic DNS IP check web site)All go to the same IP address.ย Same machine with single installation of Apache.
Apache/httpd allows running multiple https (443) virtual hosts.ย At least it appears to to me.ย What am I not understanding?
-
Nothing, that would be using SNI for HTTPS name-based virtualhosts. Apache does that on its own without much fuss.