> Just wondering if it is possible to have a per vhost SSL config, so each
> vhost can have its own SSL certificate as it is possible with apache.
>
> Currently I don't see how this could be established.
This should be possible, yes, especially using the latest 1.3.8 release.
The way it works is via the new ServerAlias directive:
<VirtualHost 1.2.3.4>
Port 21
ServerAlias myftphost.example.com
TLSEngine on
...
</VirtualHost>
<VirtualHost 1.2.3.4>
Port 21
ServerAlias myotherftphost.example.com
TLSEngine on
...
</VirtualHost>
If you use a DNS name for the <VirtualHost> line, rather than an IP address,
ProFTPD automatically adds a "ServerAlias" setting for that name.
With these, things should work as you expect. The FTPS-capable client
_should_, in its TLS handshake, send the Server Name Indicator (SNI) field,
whose name will match one of the named <VirtualHost> sections -- and mod_tls
will notice this, and update/use all of that vhost certificates/keys, etc.
Hope this helps,
TJ
_______________________________________________
ProFTPD Developers List
<[email protected]>
https://lists.sourceforge.net/lists/listinfo/proftp-devel
