Re: dynamic ssl cert/key selection


On Fri, Oct 20, 2023 at 5:31 PM Marc <Marc@xxxxxxxxxxxxxxxxx> wrote:

[...]
> >        ServerAlias test.*.*
[...]
> >
> > A trivial and safe way if you need a solution asap might involve declaring
> > a <vhost> for each host.
>
> I would like to have single access/error log for all these serveralias matches.

That's no problem, multiple vhosts can write into the same access/error logs.

> > I’ve not seen globbing/wildcarding like this, and also makes me curious is
> > it possible to get a public key signed by a CA with this globbing pattern?
>
> yes I am getting the certs like this. I just want to prevent creating the vhosts

I think what he meant is whether CAs issue wildcard certificates like
test.*.*. They don't, and that wouldn't work anyway, since only one *
is allowed, only at the beginning, and only representing a single
level of host names.

Concerning your problem, I think you're stuck with creating multiple
vhosts if you want to use httpd with multiple separate certificates.
If you can get a single certificate with all your hostnames as SAN
entries, that would work as well.

As an alternative, you could use OpenResty as an SSL offloader, and
load your certificates on demand using some lua code in
ssl_certificate_by_lua_block
(https://github.com/openresty/lua-nginx-module#ssl_certificate_by_lua_block)

Rainer
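
The OpenResty alternative mentioned in the message above, as an added example that is not part of the original message and not OpenResty's own code. The certificate directory layout, log path and backend address are assumptions; the `ngx.ssl` calls come from lua-resty-core, which ships with OpenResty.

```nginx
# Added example, not from the thread. All paths and the backend address are assumptions.
server {
    listen 443 ssl;
    server_name ~^test\.[^.]+\.[^.]+$;

    # nginx needs a static pair at startup; it stays in effect whenever the
    # Lua handler returns without installing a per-host certificate.
    ssl_certificate     /etc/ssl/fallback/fullchain.pem;
    ssl_certificate_key /etc/ssl/fallback/privkey.pem;

    ssl_certificate_by_lua_block {
        local ssl = require "ngx.ssl"

        local function read_file(path)
            local f = io.open(path, "rb")
            if not f then return nil end
            local data = f:read("*a")
            f:close()
            return data
        end

        local name = ssl.server_name()
        if not name then return end          -- client sent no SNI
        name = name:lower()
        -- SNI is client-supplied and ends up in a file path: accept only
        -- test.<label>.<label>, which rules out slashes and dot-dot segments.
        if not name:find("^test%.[%w%-]+%.[%w%-]+$") then return end

        local dir = "/etc/ssl/hosts/" .. name
        local cert_pem = read_file(dir .. "/fullchain.pem")
        local key_pem  = read_file(dir .. "/privkey.pem")
        if not (cert_pem and key_pem) then return end

        -- Parse both before touching the handshake, so a bad file leaves the fallback.
        local cert, cerr = ssl.parse_pem_cert(cert_pem)
        local key, kerr = ssl.parse_pem_priv_key(key_pem)
        if not (cert and key) then
            ngx.log(ngx.ERR, "cannot load certificate for ", name, ": ", cerr or kerr)
            return
        end

        if not (ssl.clear_certs() and ssl.set_cert(cert) and ssl.set_priv_key(key)) then
            return ngx.exit(ngx.ERROR)       -- abort rather than serve a half-set pair
        end
    }

    access_log /var/log/nginx/test-hosts.access.log;   # one log for all names
    location / { proxy_pass http://127.0.0.1:8080; }   # httpd behind the offloader
}
```

`io.open` blocks the worker on every handshake, so a busy deployment would cache the parsed certificate and key instead of re-reading the files each time.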
