--On Mittwoch, 9. Juli 2003 13:47 +0200 Henrik Nordstrom <[EMAIL PROTECTED]> wrote:
ons 2003-07-09 klockan 10.41 skrev Jan Legenhausen:Hi,
though i found a mail from Henrik (dated Wed Apr 18 2001) talking about using multiple certificates on a https_port, i was not able to figure out how this could be achieved using squid-2.5.STABLE2.
This is technically impossible, not a limitation of Squid.
You can only have a single server certificate per ip:port combination. The server certificate exchange is one of the very first things that happen, long before the client transmits the request and thus long before it can be determined which domain name the client have requested.
https:// is the protocol chain HTTP/SSL/TCP/IP, and as you can see SSL runs below HTTP and does not have knowledge of the HTTP content. It just encrypts/decrypts the http data.
Thanks for this quick & profound answer! I was a bit confused, cause i *thought* some webserver (iis?) could handle multiple certs on one ip - but your explanation sounds logical....
so the solution here might be using a wildcard cert...(if it's the same sld).
regards, Jan
Regards Henrik
--
