pound how to implement Openssl SNI
This is my first post on this forum;
I have read at pound official website on their 'update June 2010' that pound is able to proceed to openssl SNI (Server Name Indication) which makes it possible to build a https reverse proxy.
Furthermore, in the pound mailing-list (in which I have been totally unable to register :O) I have read that someone accomplished this success SNI with pound. I am on Linux and my browser is sni capable as reported by this check.
However, it seems that only the last certificate specified in pound configuration file is taken in account. In fact, I have exactly the same problem as reported here: The first certificate is shown to the client, if it is related to the domain name, this is fine, else, no more certificate is tried and a warning is shown on the client browser.
My configuration is like this:
Thanks a lot for your answer and help!
Do you have the right version of pound?
Yes, pound supports SNI - I'm using such a setup myself.
BUT - it only supports SNI starting with version 2.6. Your problem may be related to you using an older version.
Check what version you are using. I think it can be done with
I've compiled a package for Debian - it may be of some use for you:
Good luck :-)
|All times are GMT +2. The time now is 09:45.|
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.