Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SSL with Anycast setup #24

Open
vhostvn opened this issue Sep 6, 2021 · 2 comments
Open

SSL with Anycast setup #24

vhostvn opened this issue Sep 6, 2021 · 2 comments

Comments

@vhostvn
Copy link

vhostvn commented Sep 6, 2021

Hi,

We get problem with Anycast IP in 3 datacenter, 3 datacenter has the same IP (like 8.8.8.8) and SSL was unable to provision. If we change domain to Unicast IP, then it created SSL cert successful.

So which validation method you are using to validate certs?
@zhyale
Copy link
Member

zhyale commented Sep 15, 2021

if you are using ACME automatic certificate, simple node is required, multiple nodes are not supported, because the CA will call back to validate the owner of the domain, the domain must be pointed to the gateway.

If you are using multiple nodes, please configure certificate manully with public key and private key.

@vhostvn
Copy link
Author

vhostvn commented Sep 16, 2021

I think that we can do our own research and integrated with DNS-01 validation. This can delegate and allow our DNS auto active CNAME record and accept it. Do you want to join, test and integrate with Janusec?

Something like CloudFlare architectures.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@zhyale @vhostvn