On Sep 28, 2014, at 10:15 AM, Jason Strongman <[email protected]> wrote:
> When you say 'incoming' request, do you mean > > 1. client to ATS ? > or > 2. ATS to origin ? > > Based on my understanding of the multiple certificate documentation, to > support this configuration, ATS requires multiple IPs. > Also based on my understanding, ATS does not support serving multiple > certificates if the TLS/SSL service only listens on one socket. https://trafficserver.readthedocs.org/en/latest/reference/configuration/ssl_multicert.config.en.html Specifically, the "Certificate Selection" section discusses how SNI requests are handled. We support SNI using the certificate subject and and alternate names in the certificate. If the documentation is not clear on this, I'd be happy to take patches or suggestions > > > > > On Sun, Sep 28, 2014 at 11:26 AM, Reindl Harald <[email protected]> > wrote: > > Am 28.09.2014 um 18:24 schrieb Jason Strongman: > > Version - 4.2.1.1 > > Mode - Reverse Proxy > > > > Objective: To support multiple SSL sites, each with their own certificate, > > and only use one IP/Port. > > Does ATS support SNI for incoming requests as described in the below links? > > ATS supports *only* SNI for incoming requests > >
