I've been using pound to run mydomain.dk. Now I've bought some other domains and SSL certificates that are mydomain.no, mydomain.se and mydomain.eu. My old config looked roughly like this:
ListenHTTPS
Address 81.19.246.120
Port 443
Cert "/usr/local/etc/pound.keys/mydomain.dk.pem"
Service
BackEnd
Address 10.0.10.10
Port 8080
End
End
End
At places like here I've seen that I can use HeadRequire in the Service part, but I want the Host header to go together with the Cert, ideally something like
ListenHTTPS
Address 81.19.246.120
Port 443
HostAndCert "mydomain.dk" "/usr/local/etc/pound.keys/mydomain.dk.pem"
HostAndCert "mydomain.se" "/usr/local/etc/pound.keys/mydomain.se.pem"
HostAndCert "mydomain.no" "/usr/local/etc/pound.keys/mydomain.no.pem"
HostAndCert "mydomain.eu" "/usr/local/etc/pound.keys/mydomain.eu.pem"
Service
BackEnd
Address 10.0.10.10
Port 8080
End
End
End
Any suggestions or clues to how I can accomplish this?
Cheers
Nik
EDIT: Yup, at http://www.apsis.ch/pound/ I see that it can't be done, one IP pr SSL domain is required. Are there good alternatives when I can't use wildcard SSLs that say mydomain.* ?
Best Answer
Until Server Name Indication is supported, your best option is to get a Unified Communications Certificate that includes all the names that you need to secure in one cert.