Disclaimer

The content of this blog is my personal opinion only. Although I am an employee - currently of Nvidia, in the past of other companies such as Iagination Technologies, MIPS, Intellectual Ventures, Intel, AMD, Motorola, and Gould - I reveal this only so that the reader may account for any possible bias I may have towards my employer's products. The statements I make here in no way represent my employer's position, nor am I authorized to speak on behalf of my employer. In fact, this posting may not even represent my personal opinion, since occasionally I play devil's advocate.

See http://docs.google.com/View?id=dcxddbtr_23cg5thdfj for photo credits.

Friday, June 11, 2010

Security: SSL or separate server users: choose one

I would like to set up my several shared hosted websites so that each server runs as a separate user.

I would also like to use SSL, to get password encryption for stuff like mediawiki passwords.

But I would like all the servers to use the same SSL certifucarte, since I have to pay for the privilege.

Unfortunately, the shared hosting service I use only allows different domains and subdomains to run as different users. It apparently does not allow different paths within the same domain, e.g. https://glew.ca/andy, to run as different users.

So it appears that, unless I pay for more certificates, or give in and run my own server computer, rather than just using shared hosting, I can have either SSL, or separate users - but not both.

(If they allowed wildcard certificates... but they don't. Or if they allowed setuid or the equivalent... but they don't.)