trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Esmq <>
Subject Re:Re: ssl reverse proxy and ssl sni ?
Date Tue, 12 Mar 2013 03:22:15 GMT
hi, Leif

it seems does'nt work... following is my test config:

dest_ip=*       ssl_cert_name=cert.pem ssl_key_name=key.pem

CONFIG proxy.config.http.server_ports STRING 80 443:ssl

map https://.* https://$

with SNI and SSL Termination, i want when browser access, shows the certificate

but the above configuration , show all the https sites the same certificate...

i don't know wheather i misunderstand the sni and ssl termination, or the config is not correct~

At 2013-03-11 22:19:24,"Leif Hedstrom" <> wrote:

If you run a version of ATS that supports SNI, yes. Pretty sure v3.2.4 does, for example.

-- Leif 

On Mar 11, 2013, at 4:00 AM, Esmq <> wrote:

hi, all

we know that an extension to TLS called Server Name Indication (SNI) ,enable web server to
select a correct virtual domain
and shows the borwser the cerficate containing the correct name...

apache/nginx just do the right thing...

and i know when configure ats as ssl reverse proxy, the cerficated shows to the browser is
the cerficate that on ats, not the cerficated on the original server...

so. when ats act as reverse proxy, does sni work?

View raw message