https://bz.apache.org/bugzilla/show_bug.cgi?id=69743
--- Comment #30 from mikew...@gmail.com <mikew...@gmail.com> --- Amazon has an official note on their site now under: EC2 -> Load balancers -> your_ALB_name_here -> HTTPS:443 listener Listener certificates for SNI To support Server Name Indication (SNI), the load balancer requires additional certificates to enable it to support multiple domains on the same port and to provide a different certificate for each domain. The load balancer uses a smart certificate selection algorithm to select the best certificate that the client can support. However, if the client does not support SNI, the load balancer uses the default certificate. If you specify additional certificates in a certificate list, the default certificate is used only if a client connects without using the SNI protocol to specify a hostname or if there are no matching certificates in the certificate list. If you don't specify additional certificates but need to host multiple secure applications through a single load balancer, you can use a wildcard certificate or add a Subject Alternative Name (SAN) for each additional domain to your certificate. ======= So the last paragraph in the above appears to be their official solution which is similar to what others have suggested in this thread. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
