Article delegate-en/4359 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: nvhost to nvserv STLS with different certificates
26 Jan 2009 22:40:04 GMT (Yutaka Sato)
The DeleGate Project

In message <_A4358@delegate-en.ML_> on 01/27/09(07:18:52)
you Jens-Erik Hansen <> wrote:
 |I'm working on a name-based virtual hosting to name based virtual
 |servers setup which works fine now. The next task is to establish a ssl
 |connection between the client and delegate where every nvhost should
 |hand out a separate certificate.
 |I tried several things to achieve that delegate offers separate
 |certificates for the configured nvhosts but had no success so far.
 |I have no clue how to proceed, please can you give me a hint?

To switch amoung multiple certificates, you need "server name indication"
(SNI) supported after OpenSSL0.9.8g or laters, and need to put a
certificate for each destination site at "CERTIDR" (DGROOT/etc by default)
as this:


See <URL:> and
<URL:> for more details.
 >>CERTDIR parameter   ==  CERTDIR=dir
 >>                    --  default: ${ETCDIR}/certs
 >>                    --  version: DeleGate/9.8.0 + OpenSSL0.9.8g or laters
 >>sn.domain.pem -- the certificate for SNI
 >>   The certificate for the domain indicated by SNI (Server Name Indication).
 >>   Like me.pem, it may be in the combination of sn.domain-key.pem and
 >>   sn.domain-key.pas (or common.pas).

  9 9   Yutaka Sato <>
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]