On 1/12/23 04:55, Mario Theodoridis wrote:
I do have one more problem at this point.
Using openssl i can work with what i have below, but i cannot add a 2nd
certificate
https_port 0.0.0.0:443 accel defaultsite=regify.com \
tls-cert=/etc/ssl/certs/regify.com.pem \
tls-cert=/etc/ssl/certs/foo.com.pem
gives me
ERROR: OpenSSL does not support multiple server certificates. Ignoring
addional cert= parameters.
If i instead use gnutls, i get dinged for using ssl::server
FATAL: Bungled /etc/squid/squid.conf line 29: acl stest1
ssl::server_name test1.regify.com
is there a way to get the SNI host with gnutls?
There is , but we have not yet implemented it.
If the HTTPS URL domain is acceptable you can use the dstdomain ACL type
instead as a workaround.
http://www.squid-cache.org/Doc/config/acl/ did not answer that for me.
Alternatively, can i get openssl to cope with multiple certs somehow?
AFAIK, no.
HTH
Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.squid-cache.org/listinfo/squid-users
