In message <_A4358@delegate-en.ML_> on 01/27/09(07:18:52)
you Jens-Erik Hansen <puicqbdyi-qprr6uhroza6.ml@delegate.org> wrote:
 |I'm working on a name-based virtual hosting to name based virtual
 |servers setup which works fine now. The next task is to establish a ssl
 |connection between the client and delegate where every nvhost should
 |hand out a separate certificate.
 |
 |I tried several things to achieve that delegate offers separate
 |certificates for the configured nvhosts but had no success so far.
...
 |I have no clue how to proceed, please can you give me a hint?

To switch amoung multiple certificates, you need "server name indication"
(SNI) supported after OpenSSL0.9.8g or laters, and need to put a
certificate for each destination site at "CERTIDR" (DGROOT/etc by default)
as this:

  DGROOT/etc/certs:
    sn.www1.dom1.pem
    sn.www2.dom2.pem
    ...

See <URL:http://www.delegate.org/mail-lists/delegate-en/03889> and
<URL:http://www.delegate.org/delegate/Manual.htm?CERTDIR> for more details.
 >>CERTDIR parameter   ==  CERTDIR=dir
 >>                    --  default: ${ETCDIR}/certs
 >>                    --  version: DeleGate/9.8.0 + OpenSSL0.9.8g or laters
 >>
 >>sn.domain.pem -- the certificate for SNI
 >>   The certificate for the domain indicated by SNI (Server Name Indication).
 >>   Like me.pem, it may be in the combination of sn.domain-key.pem and
 >>   sn.domain-key.pas (or common.pas).

Cheers,
Yutaka
--
  9 9   Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller