Hi , 

I use pound as a redirector to serve multiple sites each running on the 
same internal IP with different ports as backends, pound listens to the 
public IP and sends the HTTP request to proper backends based on http 
request. Now some of my domains require https ,

Do i need to purchase certificates for each domain i am running on my 
server ?

Is there a way I purchase only one certificate use it in pound and than 
all https requests for all the domains is served thru this https enables 
backend ?

How am i suppose to provide https for all of my domain being served by 
pound ?



Regards


[...]

aT napsal(a):[...]

Yes. At least, for every 2nd level domain. You can use a "wildcard" 
certificate for *.yourdomain.com and it will be valid for 
www.yourdomain.com and another.yourdomain.com. But you cannot use it for 
www.otherdomain.com.
[...]

Unfortunately, it is not a pound related problem. The "problem" is with 
HTTPS itself. The verification and encryption stuff happens BEFORE the 
request (containing the virtual hostname) is sent, and therefore, you 
are always limited to one certificate (and one domain) per IP address. 
Of course, your server can have more IP addressess and you can define 
several HTTPS listeners, each bound to one IP and each having it's 
separate certificate.

Hope this helps.
[...]

Michal Taborsky - Internet Mall wrote:[...][...]


It isn't pretty, but an alternative solution would be to create your own
self-signed certificate for a generic wildcard domain of just "*", which
would then cover ANY domain you host, but all of the clients visiting
this site would receive a notice that it wasn't signed by a known CA.

we use rapidssl.com(as a reseller) ... fast, cheap and i have never had 
a complaint about the cert not working in a browser

Michal Taborsky - Internet Mall wrote:[...][...][...][...][...]
[...]