Friday, October 12, 2012, 11:05:37 AM, you wrote: > Hi Scott,
>> ... I'm guessing that you have a WildCard SSL Certificate or a UCC >> Certificate that will allow you to correctly encrypt the required >> traffic to your backend servers as you can only enable one SSL >> Certificate per real IP Address. > Isn't that the whole point of SNI? > > https://en.wikipedia.org/wiki/Server_Name_Indication#How_SNI_fixes_the_problem > How I understand it, SNI should enable the server to have multiple > certificates for the same IP, and the server then chooses the correct > certificate depending on the requested domain. Yes just load all certificates: Cert "cert1.pem" Cert "cert1.pem" Cert "certX.pem" Pound uses the domain in the CN field of the certificate to match the correct certificate to the request with SNI. > Cheers, Andreas. > -- > To unsubscribe send an email with subject unsubscribe to [email protected]. > Please contact [email protected] for questions. -- To unsubscribe send an email with subject unsubscribe to [email protected]. Please contact [email protected] for questions.
