LXD container tutorial on creating many HTTPS websites
Hi All,
I wrote last year a tutorial on LXD on how to create many HTTPS websites on a single server, https://blog.simos.info/how-to-set-u...xd-containers/ There is generally some difficulty to have more than one HTTPS website on a single IP. This is resolved nowdays using something called SNI and a TLS Termination Proxy. In this tutorial I use HAProxy as the TLS Termination Proxy. My next endevour is to write a tutorial on how to install multiple WordPress sites under LXD. I am still trying to figure out the details on this one. |
Quote:
|
Quote:
And HAProxy uses SNI in order to direct each client to the correct container. (There is no other way to have HTTPS on a single IP address without SNI). The benefit of HAProxy is that all Let's Encrypt certificate management happen in the HAProxy container. The websites (nginx in my example) do not need any HTTPS configuration, therefore I do not need to replicate the complex HTTPS settings that can achieve A+ on the Qualys SSL Test (https://www.ssllabs.com/ssltest/). |
I fully understand what you're doing. The "secret sauce" here, however, is NOT the proxy - it's the use of SNI which requires TLS.
|
All times are GMT -5. The time now is 03:06 PM. |