SNI support? #85
Comments
|
First: thank you :) Second: I think you are confusing two things. A wildcard certificate allows TLS connections for all domains under However, fabio currently does not support assigning multiple certificates (wildcard or otherwise) to the same listener. So you could not have |
|
Thanks for answer, i write bad common name, it was *.domain-2.com instead of *.domain.com, thanks for say it. i am waiting for this change, it is very useful for me. thank you again. |
|
Looks like this: https://github.com/inconshreveable/slt have all the needed functionality for TCP+SNI proxying. |
|
@mterron yeah, I don't think it is difficult. The problem right now is that for TCP proxying support fabio needs to bring listeners up dynamically and I also need a way to express this in the configuration. Both are not difficult issues but they're also not one-line fixes either since they require some re-architecting. |
|
As a MVP can you do something like url prefix-TCP(4|6)[s]:domain[:port]? The will allow for the use of the backend to define protocol (ipv4 or ipv6) with the [s] defining if it accepts TLS. I´m not quite sure if the (optional) :port part is necessary, will have to think a little bit about that one. |
|
I'll close this ticket and merge it with #1 |
Hi, fabio is amazing, i am testing it but i have a problem
Does fabio support Server name indication for wildcard certificate? How can i use ssl by domain, not only for ip?
for example:
www.domain-1.com has a specific common name www.domain-1.com certificate and
www.domain-2.com,
api.domain-2.com,
store.domain-2.com,
mobile.domain-2.com use a wilcard certificate *.domain.com
it is possible has two ssl certificates with one ip in fabio?
The text was updated successfully, but these errors were encountered: