On 14/04/11 22:28, Pascal Bourdais wrote:
Le Fri, 25 Mar 2011 22:44:54 +1300,
Amos Jeffries<squid3@xxxxxxxxxxxxx> a écrit :
Hi,
Thank you for your answer, and sorry for the very late answer, i've
been out for a very long time.
On 25/03/11 22:09, Pascal Bourdais wrote:
I follow the doc at :
http://wiki.squid-cache.org/ConfigExamples/Reverse/SslWithWildcardCertifiate
but it give 1 certificate for 2 sites, and thus the certificat is not
valid when i access the sites.
The point of using a wildcard is that is *is* valid for more than one
domain. It says to the client that it is valid for all *.example.com
domains hosted by that server.
If they are not sub-domains then you will need a chained certificate
(X.509 aliases), or a separate port for each HTTPS receiving domain.
They are all differents domain, i look for this later.
I have the site I want working, the https for the others are still with
apache.
All the wrap are done by my mua. And I correct my config as you suggest.
Is there a way to let them as this, and just let squid act as a switch
between several https sites ?
Only if the certificate can match them all at once. Which I think is not
usually possible in one certificate for many domains. Squid does not
(yet) have dynamic certificates on its reverse-proxy https_port.
In theory there is nothing preventing it. Just nobody has coded it.
For now the best way is to allocate each a unique IP and configure Squid
with several https_port $ip:443 entries.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE9 or 3.1.12
Beta testers wanted for 3.2.0.6