Wondering how people deal with SSL certs with multiple frontends? Do you put wildcard certs on the proxies and leave the SSL processing on each unit? Do you use an SSL-aware load-balancer and let it hold a cert for the published hostname and do the heavy lifting? If there's some 3rd way, I'm interested to hear it. I'm not really clear what would happen on a load-balancer with TLS switchovers, doesn't that imply the load-balancer has to be application-aware not just like a hardware version of stunnel? ---- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
