On 2025/08/31 18:23, Brian Brombacher wrote: > I’ve done this with let’s encrypt certificates. You specify multiple names > in acme-client.conf and have them all go through the same relayd.
That's a single cert though. OP wanted separate certs. It's possoble to do that with pretty much any other current L7 proxy, just not with relayd. > > On Aug 31, 2025, at 6:02 PM, Stuart Henderson <stu.li...@spacehopper.org> > > wrote: > > > > On 2025-08-31, ashley <ash...@mundoh.net> wrote: > >> So, in summary, is it possible for relayd to know what the correct > >> certificate to use is, before receiving the HTTP request from the > >> client? Is this possible to achieve with SNI? I haven't found any > >> mentions of SNI in the relayd man page, so I can only assume it > >> doesn't support SNI? > > > > It is technically possible to do this via SNI, but relayd doesn't implement > > that. > > > > Personally I recommend just using relayd for lower level (managing PF > > redirects etc, and maybe basic L4 proxying) but using something other > > than relayd (haproxy, nginx or others) for your L7 proxies. > > > > -- > > Please keep replies on the mailing list. > > >
