Hi again!
So I've successfully setup Pound to serve SSL for several domains using
multiple certs (SNI). However I'm still faced with one problem. For a
domain, let's call it domaina.com, I have installed a basic Comodo
EssentialSSL certificate on the common-name www.domaina.com. As a
service Comodo adds the naked domain, domaina.com, as a Subject
Alternative Names (SAN) to the certificate. Pound however doesn't seem
to recognize this naked-domain when matching an incoming request and
instead serves out the first certificate defined. I've triple checked
the certificate and it shows both domaina.com as well as
www.domaina.com.
My config:
ListenHTTPS
Address my-public-ip
Port 443
RewriteLocation 0
xHTTP 0
Cert "/etc/pound/ca/domainb.pem"
Cert "/etc/pound/ca/domainc.pem"
Cert "/etc/pound/ca/domaina.pem"
Service
Backend
Address 127.0.0.1
Port 8080
End
End
End
Using Pound version 2.6-2 on Debian Wheezy
Any one has any idea what could be wrong?
Thanks in advance,
Filidor Wiese
--
To unsubscribe send an email with subject unsubscribe to [email protected].
Please contact [email protected] for questions.
