Configure multiple SSL certificates in nuster

Nuster is a high performance HTTP proxy cache server. It is based on haproxy.

To configure multiple SSL certificates in nuster, create SSL in PEM format.

Edit nuster.cfg, you will see something like the following.

global
    nuster cache on dir /cache
    nuster manager on uri /internal/nuster purge-method PURGEX
frontend fe
    bind *:443 ssl crt /etc/ssl/ssl1.pem alpn h2,http/1.1
    mode http
    default_backend ssl_443
backend ssl_443
    mode http
    nuster cache off
    nuster rule all disk on ttl 7d
    http-request set-header X-Client-IP %[src]
    server s1 128.1.2.9:443 ssl verify none

global

nuster cache on dir /cache

nuster manager on uri /internal/nuster purge-method PURGEX

frontend fe

bind *:443 ssl crt /etc/ssl/ssl1.pem alpn h2,http/1.1

mode http

default_backend ssl_443

backend ssl_443

mode http

nuster cache off

nuster rule all disk on ttl 7d

http-request set-header X-Client-IP %[src]

server s1 128.1.2.9:443 ssl verify none

SSL is configured in the line

    bind *:443 ssl crt /etc/ssl/ssl1.pem alpn h2,http/1.1

1	bind *:443 ssl crt /etc/ssl/ssl1.pem alpn h2,http/1.1

To add another domain SSL certificate, modify the line as follows

    bind *:443 ssl crt /etc/ssl/ssl1.pem crt /etc/ssl/ssl2.pem alpn h2,http/1.1

1	bind *:443 ssl crt /etc/ssl/ssl1.pem crt /etc/ssl/ssl2.pem alpn h2,http/1.1

You can add as many SSL certificate in the format

crt /etc/ssl/SSL_FILE_NAME.pem

1	crt /etc/ssl/SSL_FILE_NAME.pem

Back to nuster

Leave a Reply Cancel reply