On 12/20/18 5:45 AM, Bruno de Paula Larini wrote:
> why Squid would have problems with SNI and
> OpenSSL when other webservers/proxies have this feature using
> OpenSSL/LibreSSL libs?
Squid lacks the necessary code to support SNI in accelerator mode when
using OpenSSL.
> Why SNI would be such a
Em 19/12/2018 20:09, Amos Jeffries escreveu:
OpenSSL definitely can use only one certificate per http(s)_port. Either
the _last_ loaded if several PEM files are loaded (each call to the
OpenSSL API *replaces* the certs loaded), or if one tries to work around
that by merging everything into a
On 20/12/18 9:29 am, Bruno de Paula Larini wrote:
> Em 19/12/2018 16:29, Patrick Chemla escreveu:
>>
>> - Having more than one IP on the server, create SSL certificates from
>> LetsEncrypt including each a list of some domains and sub-domains
>>
>> - Create a very bing certificate to have squid
Em 19/12/2018 16:29, Patrick Chemla escreveu:
- Having more than one IP on the server, create SSL certificates from
LetsEncrypt including each a list of some domains and sub-domains
- Create a very bing certificate to have squid using it (not the best
choice because domains are of different
Hi all,
Thanks for the great work you do/provide with squid.
I am using squid for years, I like it very much, and I am now
installing a SSL load-balancing unit for about 80
domains/sub-domains.
My OS release is Fedora release 29
