[squid-users] Multiple SSL Domains on Reverse Proxy
Henrik Nordstrom
hno at squid-cache.org
Mon Dec 1 07:59:31 UTC 2014
lör 2014-11-29 klockan 20:39 -0500 skrev Roman Gelfand:
> Is it possible to listen on port 443 for requests for multiple domains
> ie... www.xyz.com, www.mno.com, etc...?
If you have one IP address per domain then it's just one https_port with
explicit ip:port per domain, with vhost or defaultdomain= telling Squid
what hostname to use as requested host in HTTP(S).
Supporting more than one domain on the same ip:port is currently only
possible if you use a multi-domain certificate.
We really should support SNI negotiation to select certificate based on
client requested domain. SNI is a TLS extension to indicate requested
host during TLS negotiation and is quite well supported in todays
browsers. Patches implemententing this are very welcome.
Regards
Henrik
More information about the squid-users
mailing list