multiple SSL key's on one IP several Vhosts...
Ulf Zimmermann
ulf at Alameda.net
Thu Apr 17 12:48:28 PDT 2003
On Wed, Mar 05, 2003 at 11:05:12PM -0400, Chris Bowlby wrote:
> Hi All,
>
> Googling for a result of an issue where I've got more then one SSL key I
> want to enable on a site (one that is certified and one that is self
> signed) I ran across and issue where Multiple key's appear to not work on
> the same IP, is this still the case? even after two years? Who's bright
> Idea was it to tie the SSL key to the IP address and domain, and not just
> the domain?
>
> If anyone has a work around for the this, it would be very useful to know
> (other then more then one IP assigned to the VH, not an option as a
> limitation of jails...)
>
> thanks in advance..
I work at a company where we have many different hosts/domain and
everything has to be SSL, although the actual application behind it
is the same. The application does present different layout logo per
virtual site, but otherwise internal and database wise its the same.
Managing multiple hosts behind the load balancer with SSL was a pain.
We ended up getting us an Alteon (Nortel) iSD100 setup, which is a
SSL offloader. For the frontend we already had an Alteon AD3. The
frontside still has all the different IPs per virtual host, but the
actual servers only have now 1 IP, one config file with namedbased
virtualhosts. You can use two AD3 for failover, as well as up to
32 of the iSD100 in a cluster (there are different models I just
know the iSD100). Each iSD100 is capable of 7,000 sessions supposely,
it has two hardware SSL cards in a 1U case.
--
Regards, Ulf.
---------------------------------------------------------------------
Ulf Zimmermann, 1525 Pacific Ave., Alameda, CA-94501, #: 510-865-0204
You can find my resume at: http://seven.Alameda.net/~ulf/resume.html
More information about the freebsd-isp
mailing list