Hi Anoop, I think you are complicating things a bit. Without having the full picture I will make some assumptions Let's assume you are hosting 4 unique domains; domain1.com, domain2.com, domain3.com, domain4.com. each has its own SSL Cert. If you have copied the SSL certs for each domainX.com to the 4 apache servers, then all you need to do is set up the VIP IP, which it seems like you have, and have apache-ssl listen on that VIP for example, if domain1.com resolves to 192.168.10.11 and domain2.com to 192.168.10.12, etc etc As long as the real servers have those IP's locally (like you said using arptables_jf) and apache is listening for each vhost entry to the specific IP with the specified cert, you should be all done.
To answer your last question, the only way to do it using 1 IP, is to have apache listen on different ports for each SSL cert. that gets more complicated, so you're better off doing IP-based for SSL hosting. Hope this helps, Philip On Wed, Oct 21, 2009 at 8:50 PM, Anoop Bhat <[email protected]> wrote: > Hi, > > I’ve setup an LVS DR cluster for apache that’s vhosting several domains > with SSL. Four to be exact. > > Since it’s not a wildcard cert, I’ve had to setup 8 IP addresses on the > server. Four that are the VIPs (using arptables_jf) and four that will > listen on port 443 for the VIPs. > > Is this the correct way to do this or am I complicating things too much? > > As far as I can tell, you can’t have one IP get the traffic for all four > VIPs. Is that right? > > Thanks > > Anoop Bhat > Systems Administrator > Trustwave > 70 W. Madison > Chicago, IL, 60602 > O: 312.873.7446 > C: 312.925.3271 > > > > _______________________________________________ > Please read the documentation before posting - it's available at: > http://www.linuxvirtualserver.org/ > > LinuxVirtualServer.org mailing list - [email protected] > Send requests to [email protected] > or go to http://lists.graemef.net/mailman/listinfo/lvs-users > _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - [email protected] Send requests to [email protected] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
