Posts tagged ‘SSL’

I use CAcert.org for most of my X.509 certificates (aka SSL-certificates). It has some very important advantages and disadvantages: being free and being non-default in most systems. Usually it’s not much of a hassle to import the root certificate into a browser, OS or mail client. On Android however, things seemed a little more complex.

CAcert.org does provide some detailed instructions , but they needed some tweaking to work on my MacOSX system. Simply following the instructions got me this helpful error:

keytool error: java.lang.ClassNotFoundException: org.bouncycastle.jce.provider.BouncyCastleProvider

Continue reading ‘Installing an additional X.509 root certificate on Android’ »

When hosting multiple sites on a single IP, HTTP1.1 has the necessary items on board to route the request to the correct site. This works because an HTTP 1.1 request includes a Host: header, which indicates to the server which site the client wishes to access.

When using SSL-secured connections, this doesn’t work anymore. The problem is similar to the situation in HTTP1.0: The server needs to know to which SSL-host the connection is addressed. SNI introduces a similar solution: It specifies an extension to the SSL negotiation to indicate which server the client wishes to access.

Continue reading ‘SSL vhosts with Apache’ »