ACE 2 web domains binded to one vip

Unanswered Question
Oct 13th, 2008


i have to set up an ssl proxy service on the ace with 2 domains (, who are binded to one vip(

With only one domain its not a problem, but with 2 i dont have any clue how to realise it.

If i define 2 proxy services under the mullti-poll statement the first statement is getting all the traffic. I also tried to make an L7 decison, but this is not working too. Because the ssl traffic is at step one terminated and after that the ace is able to look in layer 7.

Has anyone a solution ?



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Gilles Dufour Tue, 10/14/2008 - 10:35

It's not possible with one ip.

This is due to the nature of SSL.

The hostname is encrypted, so we will only know it after decrypting and to decrypt you need to have the certificate and key which are linked to the domain.

So, the only solution is to have separate ip for each domain or to use a wildcard certificate.



This Discussion