Play2:支持服务器名称指示 [英] Play2 : Support for Server Name Indication

问题描述

Play2.0.x是否支持服务器名称指示?

Does Play2.0.x support Server Name Indication?

指向文档或示例的指针会很棒.

A pointer to docs or examples would be great.

我有一个典型的用例:我想在共享负载均衡器后面使用无关的" Play2应用服务器的基于名称的虚拟主机，在各个应用服务器上进行SSL终止.

I have the typical use case: I want to use name-based virtual hosting of "unrelated" Play2 appservers behind a shared load-balancer, doing SSL termination at the individual appservers.

推荐答案

Java 7现在支持SNI，但仅在客户端上.如果您想直接从Java处理连接，这将是一个问题.

Java 7 now supports SNI, but only on the client-side. This will be a problem if you want to to handle the connections directly from Java.

但是，在负载均衡器后面应该可以为您提供帮助.如果它可以处理SNI(例如，现代版本的Apache Httpd就是这种情况)，则可以将代理反向代理到侦听要使用的每个主机名的不同端口的服务器.

However, being behind a load-balancer should help you. If it can handle SNI (which is the case for modern versions of Apache Httpd, for example), you could reverse proxy to a server listening on different ports for each of the host names you want to use.

• www.domain1.example ---反向代理---> 192.168.0.10:8080(已为应用程序www.domain1.example配置)
• www.domain2.example ---反向代理---> 192.168.0.10:8081(已为应用程序www.domain2.example配置)

• www.domain1.example ---reverse proxy---> 192.168.0.10:8080 (configured for application www.domain1.example)
• www.domain2.example ---reverse proxy---> 192.168.0.10:8081 (configured for application www.domain2.example)

您必须让负载平衡器处理SSL连接.或者，如果负载均衡器足够聪明，可以在查看Client Hello初始TLS消息中的服务器扩展名后分派到另一个端口，则它可能会这样做(我不确定是否可以)

You'd have to let the load-balancer handle the SSL connection. Alternatively, if the load-balancer is sufficiently clever to dispatch to a different port after looking at the server name extension in the Client Hello initial TLS message, it might be able to do it this way (I'm not sure if any can).

这篇关于Play2:支持服务器名称指示的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！