using wildcard certificate with one VIP and multiple domain names

Hi!

I have a one VIP and I have a wildcard certificate. I would like to point server1.domain.fi, server2.domain.fi and server3.domain.fi to this same VIP address. Then when client makes a request to one of the domain names for example server1.domain.fi AX-device would connect the request to correct backend server. CLient would see only the wildcard certificate. This way I would use one public ip for multiple web services.
Tagged:

Comments

  • dshindshin Member
    edited June 2015
    Hi Skoude,

    Have you tried using host switching feature within the HTTP template? This feature will switch to the preferred service group based on the host field of the header. In your request you can use switching type as "contains" and match string ie. "a10" directed to Service Group "A10SG".

    For the cert, the wildcard certificate will require SNI(Server Name Indication). The SNI option will send a site client the certificate that matches the requested domain name. With SNI this will simplify the cert management by using only a wildcard cert.

    Hope this helps.

    Regards,

    Genard
  • kono.kenichikono.kenichi Member, A10ers ✭✭
    edited June 2015
    A10 does not support wildcard cert for SNI. This will apply to latest build such as 272-P5 and 401. It seems that A10 has plan to support wildcard cert for SNI.
  • dshindshin Member
    edited June 2015
    Skoude,

    For the feature that you just described above, the host switching trick will work by itself or you can also use SNI with multiple domains a single cert. For example adding domains as server1.domain.fi, server2.domain.fi...server3.domain.fi on a single wildcard cert.

    Kono,

    Per your input, I think you are talking about A10 non-support for "*.domain.fi". The wildcard cert for SNI will be supported in future releases.

    Genard
Sign In or Register to comment.