Hello,I am not an expert, so I apologize if my question is unclear.I have a problem with setting up a load balancer that supports ssl with a valid certificate.It works ok when I refer to the balancer members by a valid DNS name.However, if I just put the IP address of the balancer members, I getERROR: certificate common name '*.mydomain.com' doesn't match requested host name '52.26.53.37'.I am following the load balancer sample config found here:that I adapted to ssl, here is my ssl.conf :<VirtualHost *:443>SSLEngine OnSSLCertificateFile /etc/pki/tls/certs/wildcard.mydomain.com.crtSSLCertificateKeyFile /etc/pki/tls/private/wildcard.mydomain.com.keySSLCACertificateFile /etc/pki/tls/certs/wildcard.mydomain.com.chain.crtErrorLog /var/www/mydomain.com/logs/error.logCustomLog /var/www/mydomain.com/logs/access.log combinedProxyRequests off<Proxy balancer://cluster># Using valid DNS names for the members works wellBalancerMember https://ws1.mydomain.com/BalancerMember https://ws2.mydomain.com/# Using the IP address of the members returns the certificate error given aboveI would like to be able to use only the IP addresses so that I can add a variable number of BalancerMember that I could start dynamically on a cloud setup.#BalancerMember http://52.73.75.46/#BalancerMember http://52.26.53.37/ProxySet lbmethod=byrequests</Proxy><Location /balancer-manager>SetHandler balancer-manager</Location># ProxyPreserveHost OnProxyPass /balancer-manager !ProxyPass / balancer://cluster/</VirtualHost>Using a DNS entry for each BalancerMember makes everything more complicated.Is there a way to configure httpd so that only the load balancer servers needs to have a valid certificate and a DNS name ?All the balancerMembers behind the load balancer would exist only with their IP address.Thank youGilbert
|