Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
410
Views
0
Helpful
1
Replies

ACE 2 web domains binded to one vip

eberhard-schulz
Level 1
Level 1

‎10-13-2008 04:51 AM

Hello,

i have to set up an ssl proxy service on the ace with 2 domains (abc.de,abc.com) who are binded to one vip(1.2.3.4).

With only one domain its not a problem, but with 2 i dont have any clue how to realise it.

If i define 2 proxy services under the mullti-poll statement the first statement is getting all the traffic. I also tried to make an L7 decison, but this is not working too. Because the ssl traffic is at step one terminated and after that the ace is able to look in layer 7.

Has anyone a solution ?

regards

Eberhard

Labels:
0 Helpful
1 Reply 1

Gilles Dufour
Cisco Employee
Cisco Employee

‎10-14-2008 10:35 AM

It's not possible with one ip.

This is due to the nature of SSL.

The hostname is encrypted, so we will only know it after decrypting and to decrypt you need to have the certificate and key which are linked to the domain.

So, the only solution is to have separate ip for each domain or to use a wildcard certificate.

Gilles.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents