Kent Watsen <k...@watsen.net> writes:
> A redacted version of my /etc/relayd.conf follows. But note that I
> also have `httpd` running on this machine, listening for inbound port
> 80 requests, in order to 1) handle ACME requests and 2) redirect all
> port 80 requests to port 443. Both configs follow.
Could it be that you have only one certificate, for every service? My
understanding was that a protocol could specify more than one "tls
keypair" directive, and the "right one" would be chosen, depending on
the actual request.
> PS: there are many ways to skin the cat. For example, you’re running
> different httpd instances on ports versus my running them on different
> VMs.
I am not sure if this makes a difference, after all non-encrypted
traffic operates the way it should.
--
Philip K.
