hi, Leif
it seems does'nt work... following is my test config:
ssl_multicert.config:
dest_ip=* ssl_cert_name=cert.pem ssl_key_name=key.pem
records.config:
CONFIG proxy.config.http.server_ports STRING 80 443:ssl
remap.config:
map https://.*.test.com/ https://$1.test.com/
with SNI and SSL Termination, i want when browser access https://a.test.com, shows the certificate
of a.test.com;
but the above configuration , show all the https sites the same certificate...
i don't know wheather i misunderstand the sni and ssl termination, or the config is not correct~
At 2013-03-11 22:19:24,"Leif Hedstrom" <zwoop@apache.org> wrote:
If you run a version of ATS that supports SNI, yes. Pretty sure v3.2.4 does, for example.
-- Leif
On Mar 11, 2013, at 4:00 AM, Esmq <esmq@163.com> wrote:
hi, all
we know that an extension to TLS called Server Name Indication (SNI) ,enable web server to
select a correct virtual domain
and shows the borwser the cerficate containing the correct name...
apache/nginx just do the right thing...
and i know when configure ats as ssl reverse proxy, the cerficated shows to the browser is
the cerficate that on ats, not the cerficated on the original server...
so. when ats act as reverse proxy, does sni work?
|