Article delegate-en/4564 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]

Newsgroups: mail-lists.delegate-en

[DeleGate-En] how to implement SNI on https? detailed instruction please.
17 Sep 2009 05:25:12 GMT David Wang <pomhqbdyi-vubauofyqk3r.ml@ml.delegate.org>


Hi Yutaka,

We've compiled the 9.9.3 from the source already, now would like to implement different https url with associated ssl certificate bundled with the same IP address. I downloaded the ssl lib from ftp://ftp.delegate.org/pub/DeleGate/bin/linux/sslway/dglibssl.so.gz, uncompress it and replace /lib/libssl..so.0.9.7a, then re-compile from the source via run ~delegate9.93/make, then change the config file followed your release note http://www.delegate.org/mail-lists/delegate-en/03889, it's:

DGPATH=/var/spool/delegate-nobody/etc:+
+=common.cfg

CERTDIR=/var/spool/delegate-nobody/etc/certs

STLS=mitm
REMITTABLE=https

MOUNT=/ http://xx.xx.xx.xx:8080/index.html host=-name1.domain.com
MOUNT=/* http://xx.xx.xx.xx:8080/* host=-name1.domain.com

MOUNT=/ http://xx.xx.xx.xx:8080/index.html host=-name2.domain.com
MOUNT=/* http://xx.xx.xx.xx:8080/* host=-name2.domain.com

And ~/etc/certs contains the key and CSR for both domains:
name1.domain.com-key.pem
sn.name1.domain.com.pem
name2.domain.com-key.pem
sn.name2.domain.com.pem

but both not working. Could you tell me the detailed instruction how to implement the SNI with delegated installed from source?

Kind Regards
David



  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V