I have multiple certificates defined in my pound config and the correct
certificate is used based on the subject name however the correct certificate
is not used when visiting the site using one of the alternative names.
Is this configuration supported by pound? If so, what am I doing wrong.
I am running Pound 2.6 (compiled from source) on a completely up to date
install of Debian 6 (squeeze).
Here is my config (altered slightly to protect the innocent):
# Normal certificate (default)
# SAN certificate
AddHeader "Front-End-Https: on"
HeadRequire "Host: site1.domain.com"
HeadRequire "Host: (site2|site3|site4).domain.com"
With this config access to "site1.domain.com" correctly uses the first
Access to "site2.domain.com" correctly uses the second certificate
(site2.domain.com is in the subject name of the second certificate) however
access to "site3.domain.com" or "site4.domain.com" uses the first certificate
(site3 and site4 are subject alternate names in the second certificate).