Thanks for clarification and support the free work/world! i already tried nginx and it seems doing its job. I will keep an eye on squid 4 and what was said about the issues. ________________________________________ Von: Amos Jeffries [squid3@xxxxxxxxxxxxx] Gesendet: Donnerstag, 13. April 2017 00:56 An: Maik Linnemann; squid-users@xxxxxxxxxxxxxxxxxxxxx Betreff: Re: AW: Squid 3.4.8 Reverse with multiple SSL Sites and multiple Certs/Domains On 13/04/2017 7:13 a.m., Maik Linnemann wrote: > I figured out that nginx is able to do what i want, at least SNI and > multiple certs. I am forced to try that in the meantime. Also i will > check varnish. Is there any realistic date when SNI is available in > reverse proxy with squid? Is there anyone coding at all for that > feature? > I've been working on it as part of the GnuTLS support in Squid-4. https_port can now be configured with multiple cert= key= parameter pairs. But loading any past the first pair with OpenSSL builds is still missing. I _think_ all that is left now (for OpenSSL builds) is to alter that logic loading cert= files into the server context. But I have not investigated those details closely yet. My focus in the 'free' work is getting GnuTLS working for Debian/Ubuntu and refactoring for more easy porting to other backend libraries in future (Fedora, RHEL and Apple want other libraries). I intend for SNI to be usable out of the box with GnuTLS builds. Someone may do OpenSSL changes to match by the time it goes public - I cannot test it so that depends on others. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
