| Re: External IP access to containers [message #50618 is a reply to message #50602] |
Sun, 22 September 2013 08:28  |
dsl101
Messages: 3
Registered: June 2013
|
Junior Member |
|
|
Thanks - I ended up using an empirical approach (e.g. start with the minimal setup and wait until some users complained about things not working). Nobody has complained so far. The HN is on 'domain.com', and I just have these 2 lines in the apache config for each CT (note I've used '|' instead of '/' here - the forum thinks I'm posting links!).
ProxyPass / https:||sub.domain.com/
ProxyPassReverse / https:||sub.domain.com/
SSL works by virtue of the CTs all being subdomains, and the HN can authenticate using the same wildcard certificate for *.domain.com. Obviously this wouldn't work if we had fqdns for the CTs, but at the moment everyone is happy with subdomains.
I _think_ there is a way round that even for CTs with different certificates, but it relies on a browser capability so might not be perfect.
Anyway, all well so far - thanks. I'll look into your suggestion though to get the logging more accurate - again, not a problem for now...
|
|
|
|
OpenVZ Forum
Members
Search
Help
Register
Login
Home
