On 4/5/2011 1:42 PM, W. Jeffrey Brown wrote:
I've looked all over and can't find this answer
We have pound running and passing traffic off for two hosts. Each host has it's
own set of servers.
What I need to know is what the proper configuration would be for each host to
have its own ssl cert.
Here is a sanitized version of the pound config that we are using.
# Replace "localhost" by your IP or host name
ListenHTTPS
Address 0.0.0.0
Port 443
Cert "/opt/pound/ssl/server.pem"
Client 15
RewriteLocation 0
Service
BackEnd
Address WWW.XXX.YYY.ZZZ
Port 80
Timeout 15
End
End
End
ListenHTTP
Address 0.0.0.0
Port 80
Client 15
RewriteLocation 0
Service
HeadRequire "Host:.*domain1.com.*"
BackEnd
Address 192.168.99.196
Port 80
Timeout 15
End
BackEnd
Address 192.168.99.197
Port 80
Timeout 15
End
End
Service
HeadRequire "Host:.*domain2.com.*"
BackEnd
Address 192.168.99.198
Port 80
Timeout 15
End
BackEnd
Address 192.168.99.199
Port 80
Timeout 15
End
BackEnd
Address 192.168.99.200
Port 80
Timeout 15
End
End
End
There's 2 easy choices:
1) Get 1 cert with both CN fields on it. Most SSL providers offer these
for not much more (I have one that allows 5 names on 1 cert from Godaddy
- it wasn't expensive).
2) Move them to different IPs and then update your ListenHTTP/HTTPS
blocks, specifying the different certs for each IP.
Regards,
--
Dave Steinberg
http://www.geekisp.com/
http://www.steinbergcomputing.com/
http://www.redterror.net/
--
To unsubscribe send an email with subject unsubscribe to [email protected].
Please contact [email protected] for questions.
