I want to use multiple domain names on my website and deploy SSL certificates at the same time. How can I provide the corresponding domain name certificate according to the requested domain name?
我在做一个站群,需要绑定多个域名和部署多本证书,怎么样才能根据请求的域名,提供对应的域名证书呢?
如果不能做到,只能一次性申请多个域名的一本证书,而不是分开每个域名申请一本证书了.
I’m doing a site group. I need to bind multiple domain names and deploy multiple certificates. How can I provide the corresponding domain name certificate according to the requested domain name?
If you can’t, you can only apply for one certificate for multiple domain names at one time, instead of applying for one certificate for each domain name separately
This should help you:
It is possible to define a SNI hook on the ssl context that you pass to app.run, if you create it yourself. This hook function can change the certificate based on which name was requested or reject the SSL handshake e.g. if no known name was requested. I have not tried that with Sanic but at least in principle it should work that way, without having to specify all names on the same cert.
Setting up Nginx proxy to handle all that might be easier than doing it in Python/Sanic, though.
How to obtain the user’s real IP using nginx proxy?
By adding the Forwarded headers, as described in
This will get you all the remote information securely by request.remote_addr and request.forwarded.
1 Like
Thank you. You’re a great problem solver.
1 Like