I think it could be added to the master branch 2015-05-26 9:46 GMT+02:00 Helmut <[email protected]>:
> Thanks Mirek, > recompile config.h without else branch seems to work, pound start now! > I have to do further tests now, that all alternative domains in > certificate also work now. > Helmut > > Am 25.05.2015 um 20:02 schrieb Miroslav Danek: > > Hello, > > In December I reported Same problem > > > http://www.apsis.ch/pound/pound_list/archive/2014/2014-12/1418907678000#1418907678000 > > So far, no response. The problem is that the Comodo really does not make > CN into the MDC but only SANs. > > Pound requires that the CN in the certificate. > > You can try to remove the "else" branch in a file config.c at line 1087. > No warranty is given as to do it. > > My solution was to switch from the pound to nginx > > regadrs > Mirek > > On 24. 5. 2015, at 20:06, Helmut <[email protected]> wrote: > > Hello everyone, > > i have a problem to start pound with a multidomain-certificate from > commodo. > It is installed on a apache webserver with multiple domains. > The first you can reach with the domain and url on > https://webmail.ecom-server.de. > > On my debian wheezy system there is installed pound version 2.6-2+deb7u1 > > If I start pound , i got: > starting... > /etc/pound/pound.cfg line 65: ListenHTTPS: could not get certificate CN > Line 65 is:* Cert "/etc/pound/poundssl.pem"* > > Here ist my /etc/pound.cfg where XXX.XXX.XXX.XXX is the IP of my server: > > *ListenHTTP* > * Address XXX.XXX.XXX.XXX* > * Port 80* > * Service* > * BackEnd* > * Address 127.0.0.1* > * Port 8000* > * End* > * End* > *End* > *ListenHTTPS* > * HeadRemove "X-Forwarded-Proto"* > * AddHeader "X-Forwarded-Proto: https"* > * Address XXX.XXX.XXX.XXX* > * Port 443* > * Cert "/etc/pound/poundssl.pem"* > * Service* > * Backend* > * Address 127.0.0.1* > * Port 8000* > * End* > * End* > *End* > > I also did my certificate */etc/pound/poundssl.pem *with all of this: > https://www.digicert.com/ssl-support/pem-ssl-creation.htm > but it seems pound cannot read the domainnames from my commodo > multidomain-certificate. > > I also compile the latest version from scatch, but with the same error > mail:/opt/Pound-2.7$ ./pound -v -f /etc/pound/pound.cfg > starting... > /etc/pound/pound.cfg line 65: ListenHTTPS: could not get certificate CN > > Someone have an idea? > Thanks > helmut > > > > > > > > -- Load balancer distribution - Open Source Project http://www.zenloadbalancer.com Distribution list (subscribe): [email protected]
