Am 29.09.2014 um 02:01 schrieb James Peach: > On Sep 28, 2014, at 9:26 AM, Reindl Harald <[email protected]> wrote: >> >> Am 28.09.2014 um 18:24 schrieb Jason Strongman: >>> Version - 4.2.1.1 >>> Mode - Reverse Proxy >>> >>> Objective: To support multiple SSL sites, each with their own certificate, >>> and only use one IP/Port. >>> Does ATS support SNI for incoming requests as described in the below links? >> >> ATS supports *only* SNI for incoming requests > > In 5.1, ATS supports SNI for outbound origin requests too > (https://issues.apache.org/jira/browse/TS-2802)
cool - i wasn't even aware that it did not
maybe interesting on servers where the origin don't support
%{CONN_REMOTE_ADDR} and you are forced to have TLS there because
a config like below excluding the proxy from redirect is not
supported via mod_remoteip to stay with one IP address
added somewhere in httpd-2.4.x this year
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{CONN_REMOTE_ADDR} !^127\.0\.0\.1
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</IfModule>
signature.asc
Description: OpenPGP digital signature
