Limitations of HTTPS
Explore the limitations of HTTPS in Node.js security. Understand challenges like virtual host restrictions, connection speed, caching complications, and certificate options. This knowledge will help you implement HTTPS effectively while making informed decisions on hosting and security strategies.
We'll cover the following...
Limitations
There are a few limitations when using HTTPS that may make it infeasible in certain circumstances.
Virtual hosts
Under normal configurations, virtual hosts cannot be used with SSL. This is a problem when using shared hosting or simply running multiple sites on the same server. The server can’t determine the host header until the connection has been completed, which requires SSL authentication. Because certificates can have only one host, it will simply not work.
There is an easy way around this! Set up multiple IP addresses and use IP-based hosts instead of the name-based host resolution. I recommend setting up a separate server for secure sites. Generally, if you need HTTPS, you are probably at the point of needing a dedicated server as well.
There are some hosting providers with shared certificates that can be used across hosted sites. ...