开发者

How to multiple SSLs on the same server, behind a varnish layer?

I have the need to server multiple apps from the same server with SSL requirements.

I'm currently thinking of running Nginx with SNI, but the majority of IE doesn't support SNI. What happens when someone with a browser that doesn't support SNI makes a SSL re开发者_开发技巧quest to my server?

Also I'm thinking of adding a Varnish layer in front of it, how does that work for the SSL connections?


If you have nginx with SNI enabled and there is a old browser which doesn't support SNI then nginx will return SSL certificate for its default server section (as if there is no SNI enabled) and if server name in returned certificate doesn't match hostname requested by browser then browser will complain about non-matching certificate loudly. See this discussion with nginx author.

And Varnish does not support SSL at all. See this explanation by Varnish author.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜