Good day. I have two different domains, which I would like to redirect to two different web servers using relayd (all of them running on the same machine). One of them is just httpd serving static files, and the other is a web app that I want to run on the alternative domain.
Is such a setup possible? Obviously I can match against the Host header when forwarding, but the problem is that when relayd listens with TLS, the server certificates are determined by the listen address. This is obviously a problem because each domain has a different certificate (both of which were acquired from Let's Encrypt). I understand you can get wildcard certs for SLDs, which I guess would circumvent the problem, since then both domains would use the same cert for relayd to listen with; however, I wish to use two completely separate FLDs.
Is the *only* way to achieve this having two separate network interfaces with different addresses? With IPv6 that isn't a problem, but I need to support IPv4, and v4 addresses are expensive.
So, in summary, is it possible for relayd to know what the correct certificate to use is, before receiving the HTTP request from the client? Is this possible to achieve with SNI? I haven't found any mentions of SNI in the relayd man page, so I can only assume it doesn't support SNI?
Any advice, pointers or trout slaps would be greatly appreciated.