[squid-users] Multi-Domain SSL certs & squid v2.6 STABLE21

Hi all,

We are using squid v2.6 STABLE21 as a reverse proxy. We have a three
websites using http and 2 using https, each of them with its own IP.
We have two Verisign SSL certificates (single domain) for the https
connections. Those certificates expire in less than a month and we are
considering replacing them with a Multi-Domain certificate, probably
from entrust or Comodo, to facilitate adding websites in the future.

Could anybody confirm multi-domain SSL certs are supported on squid
v2.6 STABLE21, please? Assuming they are, is there any difference in
the way multi-domain certs are used by squid? Currently we have a file
with the SSL cert (first) followed by the CA intermediate cert.

Thanks.

JP

Squid Cache: Version 2.6.STABLE21
configure options: '--build=i386-redhat-linux-gnu'
'--host=i386-redhat-linux-gnu' '--target=i386-redhat-linux-gnu'
'--program-prefix=' '--prefix=/usr' '--exec-prefix=/usr'
'--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc'
'--includedir=/usr/include' '--libdir=/usr/lib'
'--libexecdir=/usr/libexec' '--sharedstatedir=/usr/com'
'--mandir=/usr/share/man' '--infodir=/usr/share/info'
'--exec_prefix=/usr' '--bindir=/usr/sbin'
'--libexecdir=/usr/lib/squid' '--localstatedir=/var'
'--datadir=/usr/share' '--sysconfdir=/etc/squid' '--enable-arp-acl'
'--enable-epoll' '--enable-snmp' '--enable-removal-policies=heap,lru'
'--enable-storeio=aufs,coss,diskd,null,ufs' '--enable-ssl'
'--with-openssl=/usr/kerberos' '--enable-delay-pools'
'--enable-linux-netfilter' '--with-pthreads'
'--enable-ntlm-auth-helpers=SMB,fakeauth'
'--enable-external-acl-helpers=ip_user,ldap_group,unix_group,wbinfo_group'
'--enable-auth=basic,digest,ntlm,negotiate'
'--enable-negotiate-auth-helpers=squid_kerb_auth'
'--enable-digest-auth-helpers=password'
'--with-winbind-auth-challenge' '--enable-useragent-log'
'--enable-referer-log' '--disable-dependency-tracking'
'--enable-cachemgr-hostname=localhost' '--enable-underscores'
'--enable-basic-auth-helpers=LDAP,MSNT,NCSA,PAM,SMB,YP,getpwnam,multi-domain-NTLM,SASL'
'--enable-cache-digests' '--enable-ident-lookups' '--with-large-files'
'--enable-follow-x-forwarded-for' '--enable-wccpv2'
'--enable-fd-config' '--with-maxfd=16384'
'build_alias=i386-redhat-linux-gnu' 'host_alias=i386-redhat-linux-gnu'
'target_alias=i386-redhat-linux-gnu' 'CFLAGS=-D_FORTIFY_SOURCE=2 -fPIE
-Os -g -pipe -fsigned-char' 'LDFLAGS=-pie'
Received on Mon Apr 23 2012 - 20:21:41 MDT