ons 2003-07-09 klockan 10.41 skrev Jan Legenhausen:
> Hi,
>
> though i found a mail from Henrik (dated Wed Apr 18 2001) talking about
> using multiple certificates on a https_port, i was not able to figure out
> how this could be achieved using squid-2.5.STABLE2.
This is technically impossible, not a limitation of Squid.
You can only have a single server certificate per ip:port combination.
The server certificate exchange is one of the very first things that
happen, long before the client transmits the request and thus long
before it can be determined which domain name the client have requested.
https:// is the protocol chain HTTP/SSL/TCP/IP, and as you can see SSL
runs below HTTP and does not have knowledge of the HTTP content. It just
encrypts/decrypts the http data.
Regards
Henrik
-- Donations welcome if you consider my Free Squid support helpful. https://www.paypal.com/xclick/business=hno%40squid-cache.org Please consult the Squid FAQ and other available documentation before asking Squid questions, and use the squid-users mailing-list when no answer can be found. Private support questions is only answered for a fee or as part of a commercial Squid support contract. If you need commercial Squid support or cost effective Squid and firewall appliances please refer to MARA Systems AB, Sweden http://www.marasystems.com/, info@marasystems.comReceived on Wed Jul 09 2003 - 05:47:55 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:17:54 MST