I don't think that would work.... If I remember correctly, pound tracks each cert in a linked list and uses globbing to determine which to use... but it does that by "Cert" line, not by certificates within a file.
Joe > -----Original Message----- > From: Heiko Schlittermann [mailto:[email protected]] > Sent: Thursday, October 20, 2011 3:32 PM > To: [email protected] > Subject: Re: [Pound Mailing List] Multiple SSL > > Hello Wayne, > Wayne Smith <[email protected]> (Thu Oct 20 15:39:08 > 2011): > > Pound is definitely only using the last certificate. If I do this > > > > > > ListenHTTPS > > Address 192.168.7.1 > > Port 443 > > Cert "/etc/pki/tls/certs/pound.pem" > > Cert "/etc/pki/tls/certs/manage.domain2.org.uk.pem" > > Cert "/etc/pki/tls/certs/wild.domain1.org.uk.pem" > > If all the mentioned preconditions are met (SNI support, single > external IP, recent OpenSSL libraries), you may try to put your certs > into a > *single* file. > > It's just wild guesswork, and I do not experience with setups like > yours, but in the case of missing of other ideas ;-). > > -- > Heiko :: dresden : linux : SCHLITTERMANN.de GPG Key 48D0359B : 3061 > CFBF 2D88 F034 E8D2 7E92 EE4E AC98 48D0 359B
