So the only way is to have each vhost listen on on port each? On December 22, 2018 12:31:54 PM GMT+01:00, Claudio Jeker <cje...@diehard.n-r-g.com> wrote: >On Sat, Dec 22, 2018 at 12:28:46PM +0100, Aham Brahmasmi wrote: >> Hi, >> >> > On Sat, Dec 22, 2018 at 07:07:58AM +0100, Flipchan wrote: >> > > Hello, >> > > Does anyone know how to get this working with multiple >letsencrypt certs? >> > > >> > >> > You need individual IP:port settings for each of the certs. Also >don't >> > forward to different hosts based on match rules unless you really >know >> > what you are doing. The backend system is only evaluated at the >start of >> > the connection and so keepalive sessions will not route correctly. >> > >> > -- >> > :wq Claudio >> >> Would having a single SAN certificate help in this case [1]? >> > >Yes and no. It would make listening on one port possible but it does >not >solve the issue of 'match forward to' being sticky for a connection. > >-- >:wq Claudio
-- Sent from my Android device with K-9 Mail. Please excuse my brevity.