The way I solved this problem was to create one virtual IP for each domain, plus one local IP on each physical node. I guess over time you will collect tons of IPs, depending on how many domains you have. I don't have too many (at least not those that require https), so it works for me.
Example: domain-a.com has public IP xxx.xxx.xxx.5 and is redirected to 192.168.1.5 on server1 and 192.168.1.6 on server2 domain-b.com has public IP xxx.xxx.xxx.6 and is redirected to 192.168.1.7 on server1 and 192.168.1.8 on server2 and so on... Not particularly elegant, but I am not sure if there is any better way.... I thought that the hostname is part of the encrypted request. If that is true, then the certificate can not be linked to the hostname, but must be linked to an IP, because in order to get the hostname from the request, the request has to be decrypted first. So the proper certificate has to be selected before we even know the hostname. If that is wrong, then please correct me... MARK > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf > Of Ullrich Pfefferlein > Sent: Monday, August 06, 2007 8:09 AM > To: LinuxVirtualServer.org users mailing list. > Subject: Re: [lvs-users] Multiple domains with SSL inside a 2 > machine cluster > > On 8/6/07, Joseph Mack NA3T <[EMAIL PROTECTED]> wrote: > > On Mon, 6 Aug 2007, Ullrich Pfefferlein wrote: > > > > > Due to multiple certificates within one machine requires > ip aliasing i > > > would like to know how to setup this. > > > > A certificate is associated with a hostname, not an IP. > Correct but apache (openssl) requires one ip per https binding. Its > not possible to setup different domains with name based virtual hosts > via one single ip address. > Thats why i spoke about ip aliasing. > > If theres an other way to solve this please let me know. > > Ullrich > > _______________________________________________ > LinuxVirtualServer.org mailing list - [email protected] > Send requests to [EMAIL PROTECTED] > or go to http://lists.graemef.net/mailman/listinfo/lvs-users > _______________________________________________ LinuxVirtualServer.org mailing list - [email protected] Send requests to [EMAIL PROTECTED] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
