From: "Steven Levine" Received: from [192.168.100.201] (HELO mail.2rosenthals.com) by 2rosenthals.com (CommuniGate Pro SMTP 5.4.10) with ESMTP id 11323471 for ecs-isp@2rosenthals.com; Sat, 07 Dec 2024 01:44:51 -0500 Received: from secmgr-va.2rosenthals.com ([50.73.8.217]:34286 helo=mail2.2rosenthals.com) by mail.2rosenthals.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.97.1) (envelope-from ) id 1tJoYS-00000000495-0yHG for ecs-isp@2rosenthals.com; Sat, 07 Dec 2024 01:44:40 -0500 Received: from mta-202b.earthlink-vadesecure.net ([51.81.232.241]:36307 helo=mta-202a.earthlink-vadesecure.net) by mail2.2rosenthals.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.97.1) (envelope-from ) id 1tJoYH-000000004nq-0GOn for ecs-isp@2rosenthals.com; Sat, 07 Dec 2024 01:44:29 -0500 DKIM-Signature: v=1; a=rsa-sha256; bh=4VLjaagzAmR2EdQzpLaHUz3OduVerLKkpqmvBS c/JDs=; c=relaxed/relaxed; d=earthlink.net; h=from:reply-to:subject: date:to:cc:resent-date:resent-from:resent-to:resent-cc:in-reply-to: references:list-id:list-help:list-unsubscribe:list-unsubscribe-post: list-subscribe:list-post:list-owner:list-archive; q=dns/txt; s=dk12062016; t=1733553868; x=1734158668; b=GNSFXHTzzLuyDsJb1Zyh+OPLkWk 9Oej+AAxUfgeXRBfdWF7wC0ukv8eOwrGZ625SlYBJXTbxu5KFM7Pf8MZila/3HfR8Y4AtUs sPtD4aBfSmtsJTJcrVS0tMowNWoqJYVp5o8EXAGKpU6fej4zMZVkj3b2vzxsmmdbtB6t7Kq VlpoQ3xe+jyariFZ4NRJYfTg4Hu20um2fJWBfn0/4NwKNsjFq0p3GZvcjAAp1eeNe0vWL82 xaicWYlrRf5ak/mmtlkiCZhArLsDhlUpN3nqsHoEZw3QT+p6Bj8kZHYGsDhGwQkcFRsvJEF ZS+VwuHg3kwzZK35Tp9QUAc/szoOCpA== Received: from slamain ([172.56.178.196]) by vsel2nmtao02p.internal.vadesecure.com with ngmta id 76266420-180ed20ede705898; Sat, 07 Dec 2024 06:44:28 +0000 Message-ID: <6753ec28.35.mr2ice.fgrirsq@earthlink.net> Date: Fri, 06 Dec 2024 22:33:12 -0800 To: "eCS ISP Mailing List" In-Reply-To: Subject: Re: [eCS-ISP] Getting started with Let's Encrypt X-Mailer: MR/2 Internet Cruiser Edition for OS/2 v3.00.11.24/60 In , on 12/07/24 at 01:28 PM, "Peter Moylan" said: Hi Peter, >Yes, in one way. I only have one server machine, with a single external >IP address, so all domains that I host will have to go on the same >certificate. This may work best for you and may be required for your webserve2 implementation, but this is server dependent and not required in general. For apache httpd, each virtual host can have its own cert and private key. >(Unless I have missed seeing some detail, there is no way to >know which domain is being addressed until the TLS negotiation is >finished.) This does not seem to be the case for apache httpd. I'd need to do some research to understand why. Steven -- ---------------------------------------------------------------------- "Steven Levine" Warp/DIY/BlueLion etc. www.scoug.com www.arcanoae.com www.warpcave.com ----------------------------------------------------------------------