View Attach (2) Info

Add new attachment

Only authorized users are allowed to upload new attachments.

List of attachments

Kind Attachment Name Size Version Date Modified Author Change note
jpg
 sni_https_port.jpg 629.5 kB 1 10-Jul-2020 14:40 Ada Csaba
jpg
 sni_portecle.jpg 101.0 kB 1 10-Jul-2020 14:40 Ada Csaba

This page (revision-12) was last changed on 02-Oct-2020 09:58 by krivacsz

This page was created on 25-Oct-2018 04:31 by Ada Csaba

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Difference between version and

At line 5 changed 2 lines
1.)
Edit the HTTPS server_item in your prefs page, advanced tab. Enable the SNI checkbox. Then it will be SNI ready and can be used.
1.) Edit the HTTPS server_item in your prefs page, advanced tab. Enable the SNI checkbox. Then it will be SNI ready and can be used.\\
\\
[{Image src='sni_https_port.jpg' width='..' height='..' align='left|center|right' style='..' class='..' }]
\\
At line 8 changed 2 lines
2.)
On the HTTPS port, you need a keystore specified...it can be anything generic, but I suggest putting in www.domain1.com stuff in it...its name must be "main.jks". The name is important to follow along with the example.
Now you have two different methods you can do for keystore management. Either one global keystore in JKS format with all private keys and certificates in it, or multiple keystores each with a single private key certificate in it.
At line 11 changed 2 lines
3.)
Now you need two other files. www.domain1.com_main.jks and www.domain2.com_main.jks All files should be in the same folder that you specified for main.jks. Each should have their own set of keystore info, do not put multiple in one keystore as that is not how the system is designed. They must all use the same passwords too.
!Method #1
Download and use the tool named "Portecle".\\
Use this method if you have DMZ.\\
\\
[https://sourceforge.net/projects/portecle/]
\\Use it to create multiple private keys, import trusted certificates, import CA reply files. This method can support wildcard certificates mixed with other domain certificates too as pattern matching is allowed on t he certificate alias names. Then configure the HTTPS port to use this one keystore like normal.
\\
[{Image src='sni_portecle.jpg' width='..' height='..' align='left|center|right' style='..' class='..' }]
\\
---
!Method #2
1.) On the HTTPS port, you need a keystore specified...it can be anything generic, but I suggest putting in www.domain1.com stuff in it...its name must be "main.jks". The name is important to follow along with the example.\\
\\
2.) Now you need two other files. www.domain1.com_main.jks and www.domain2.com_main.jks All files should be in the same folder that you specified for main.jks. Each should have their own set of keystore info, do not put multiple in one keystore as that is not how the system is designed. They must all use the same passwords too.\\
Version Date Modified Size Author Changes ... Change note
12 02-Oct-2020 09:58 2.308 kB krivacsz to previous
11 10-Jul-2020 14:45 2.27 kB Ada Csaba to previous | to last
10 10-Jul-2020 14:44 2.268 kB Ada Csaba to previous | to last
9 10-Jul-2020 14:43 2.273 kB Ada Csaba to previous | to last
8 10-Jul-2020 14:42 2.214 kB Ada Csaba to previous | to last
7 10-Jul-2020 14:42 2.214 kB Ada Csaba to previous | to last
6 10-Jul-2020 14:41 2.098 kB Ada Csaba to previous | to last
5 18-Mar-2020 13:01 1.982 kB Ben Spink to previous | to last
4 25-Oct-2018 04:31 1.357 kB Ben Spink to previous | to last
3 25-Oct-2018 04:31 1.385 kB Ben Spink to previous | to last
2 25-Oct-2018 04:31 1.315 kB Ben Spink to previous | to last
1 25-Oct-2018 04:31 1.05 kB Ada Csaba to last Server Name Inclusion (SNI)
« This page (revision-12) was last changed on 02-Oct-2020 09:58 by krivacsz
G’day (anonymous guest)
CrushFTP9 | What's New

Referenced by
HTTP(S)

JSPWiki