That's great.... Thanks!!! But is an equivalent for CA's not required?
-----Oorspronkelijk bericht----- Afzender: Joe Gooch <[email protected]> Verstuurd: Donderdag 13 December 2012 20:59 Aan: '[email protected]' <[email protected]> Onderwerp: RE: [Pound Mailing List] Re: Certificates in a folder https://github.com/goochjj/pound/commits/stage_for_upstream/v2.7b Now has a CertDir directive. Joe From: Jean-Pierre van Melis [mailto:[email protected]] Sent: Tuesday, December 11, 2012 5:14 AM To: [email protected] Subject: FW: [Pound Mailing List] Re: Certificates in a folder > Pound doesn't have information which certificate should use on which listener. I don't want to specify a global folder, but I want to specify a folder for each listener. One folder for the CA's and one for the certificates. There I can place all the different certificates. I am using SNI (Server Name Indication), which means I can have more than 1 certificate on 1 listener. Because you might not need it, you are not thinking of that. Cheers -----Oorspronkelijk bericht----- Afzender: Andrzej Dopierała <[email protected] <mailto:[email protected]> > Verstuurd: Zondag 9 December 2012 18:04 Aan: [email protected] <mailto:[email protected]> Onderwerp: Re: [Pound Mailing List] Re: Certificates in a folder W dniu 09.12.2012 14:52, Jean-Pierre van Melis pisze: Can't we get an update on this? If this is possible I don't have to write a script for this. what do you mean? do you want to use default path to certificates to specify only: Cert "cert1.pem" in config? if yes - it's enough to run pound from this directory: wwwlb:/etc/ssl/certs# grep test.pem /etc/pound/pound.cfg #Cert "/etc/ssl/certs/test.pem" Cert "test.pem" wwwlb:/etc/ssl/certs# /usr/sbin/pound starting... wwwlb:/etc/ssl/certs# ps auxwwf |grep -i pound www-data 27745 0.0 0.0 4180 644 ? Ss 16:49 0:00 /usr/sbin/pound www-data 27746 0.0 0.0 4692 632 ? Sl 16:49 0:00 \_ /usr/sbin/pound but - if you wish to just put directory and you want to pound select certificates himself - it's impossible. Pound doesn't have information which certificate should use on which listener. -------- Oorspronkelijk bericht -------- Van: Jean-Pierre van Melis <[email protected]> <mailto:[email protected]> Datum: Aan: "'[email protected]'" <mailto:'[email protected]'> <[email protected]> <mailto:[email protected]> Onderwerp: Certificates in a folder AFAIK we need to specify the full path of certificates in the pound.cfg using multiple directives called "Cert". For management purposes it would be great if we could specify a folder there and all certificates are parsed and used. -- Regards, Andrzej 'The Undefined' Dopierała http://andrzej.dopierala.name/ <http://andrzej.dopierala.name/>
