Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ssl multiple certificate and one VIP Address

Hi

i have a question regarding SSL certificate.

Is possibile to configure multiple ssl certificate with only one vip address ?

--> Name Based Virtual Server

Thank you in advance

2 REPLIES
New Member

Re: ssl multiple certificate and one VIP Address

hello,

I have more or less the same issue. I also tried the following approach:

I want to redirect SSL incoming requests on a same VIP to different SSL websites based on a content rule (using dql to use a different certificate per site)

Apparently a given VIP cannot be bound to several SSL content rules (whereas it works great with plain http)

So far the only way to go seems to be to have one VIP per content rule.

If anyone had success story on this topic, any help would be greatly appreciated.

Cisco Employee

Re: ssl multiple certificate and one VIP Address

this is not possible.

To know the domain, you need to decrypt the traffic.

To decrypt the traffic, you need a certificate.

As you can see, you need to select the right certificate before you can possibly know which site you want to access.

Therefore, there is, and there will never be a way to share a certificate on a single ip.

Unless you use different tcp ports.

Regards,

Gilles.

138
Views
0
Helpful
2
Replies
CreatePlease to create content