Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

ACE 2 web domains binded to one vip

Hello,

i have to set up an ssl proxy service on the ace with 2 domains (abc.de,abc.com) who are binded to one vip(1.2.3.4).

With only one domain its not a problem, but with 2 i dont have any clue how to realise it.

If i define 2 proxy services under the mullti-poll statement the first statement is getting all the traffic. I also tried to make an L7 decison, but this is not working too. Because the ssl traffic is at step one terminated and after that the ace is able to look in layer 7.

Has anyone a solution ?

regards

Eberhard

1 REPLY
Cisco Employee

Re: ACE 2 web domains binded to one vip

It's not possible with one ip.

This is due to the nature of SSL.

The hostname is encrypted, so we will only know it after decrypting and to decrypt you need to have the certificate and key which are linked to the domain.

So, the only solution is to have separate ip for each domain or to use a wildcard certificate.

Gilles.

261
Views
0
Helpful
1
Replies
CreatePlease to create content