
maria-discuss team mailing list archive

Re: TLS SNI support

 

Actually, that’s a big annoyance with Apache, that the configuration expects every virtual host to have the same SSL certificate. So if your vhost has 5 domains, you need a single certificate with 5 domains. Bleh.

Well, you just make 5 vhosts, each having its own certificate definition but everything else in common (like using include etc.).
Though this is out of scope for this mailing list.


Mail is less useful but still relevant: domain owners want to brand all of their services with their domain name. If I’m setting up “felipes-stuff.com” and have employees go to “hals-hosting.net” for mail, that’s not as “branded” of an experience as if everything used the same domain.

Database access is similar. There is still a use case for SNI here, even if it’s not the most apparent one.

If you really want to "brand" your single MySQL instance by having multiple SSL certificates (as the previous person said - I don't see a very valid reason either), you can plug an SSL offloader like haproxy in between in TCP mode. Then just simply provide a directory of all the *.pem certificates and haproxy will do the rest.

rr


