> > Q: What if I want to accelerate multiple hosts?
>
> That would be a todo for the code, to support one key per https_port.
>
> Question: How would you like the configuration to read if accelerating 3
> hosts?
>
> Proposal: Instead of the ssl_certificate and ssl_key options, make these
> arguments to https_port, allowing a list of ports and associated keys to
> be build.
>
> https_port 10.0.1.43:443 cert=/path/to/cert1.pem
> https_port 10.0.1.44:443 cert=/path/to/cert2.pem
> https_port 10.0.1.45:443 cert=/path/to/cert3.pem key=/path/to/key3.pem
>
> (if only the certificate is specified then it is assumed it is a
> combined certificate/key file)
I think for a lot of people this would be the best solution. Must there not
be some kind of "listen" host?
>
> Note: Due to the way SSL works, only one visible certificate/domain can
> be supported per ip:port. The SSL handshake is taking place before it is
> known which domainname the user has requested.
>
> Another option for you is to use the accelerator to combine information
> from several servers under one domain. The accelerator can with the help
> of a redirector helper forward the request to different servers
> depending on any aspect of the URL, not only the requested domainname.
> Work is also being made to allow the accelerator to automatically
> rewrite links and such thing which would make this a quite neat thing.
> (i.e. you can then build a virtual domain of a collection of internal
> information resources)
These would be nice options for me (I could live with a certificate per
domain)
It would be nice to be able to run 2 identical informayion resources, and
then
squid checks, if they are available, or with an external program, which one
has the lightest load.
>
> /Henrik
Received on Mon Feb 12 2001 - 04:23:33 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:13:30 MST