Search squid archive
Squid Multiple SSL sites and Single IP solution
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Squid Multiple SSL sites and Single IP solution
- From: Jesse Smith <jessesmith@xxxxxxxxxxxxxx>
- Date: Mon, 05 Nov 2012 08:27:08 -0600
- User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:16.0) Gecko/20121026 Thunderbird/16.0.2
Hello everyone, thought i'd share our recent endeavor about getting
Squid to work with multiple SSL domains (single set of certs and one IP).
We were able to get that working, but didn't do us much good as we had
to be our own Root CA. We didn't want to have to have the users download
our cert into their browser, just to use our site. In other words,
everything was to remain transparent.
It is impossible to use a Root CA (Commercial like Verisign), because
you would have to have their private key to sign the generated certs.
Our solution was to use the Nginx web server, which supports multiple
SSL domains using a single IP. The server also acts as a reverse proxy.
Nginx uses SNI to get this configuration working.
I only mention this as Squid should do the same and potentially make it
a priority as places are looking for this kind of configuration
increasingly.
Anyway, that's the story ... thanks for reading and hope it will provide
more insight to your own situation if using multiple SSL domains hosted
by a single IP.
Thanks
[Index of Archives]
[Linux Audio Users]
[Samba]
[Big List of Linux Books]
[Linux USB]
[Yosemite News]
