Hello,
i run ATS10
the origin server has a private ip with existing DNS entry pointing to
that (i know unsafe -but it's a work-around - split-dns config is a bit
confusing, because ats still does round robin on the dns-servers i
entered in /etc/resolve.conf)
the certificate i have installed is a wildcard-certificate.
Both, ATS and the origin server, have that certificate installed.
this is the error-message:
[Mar 1 17:11:14.243] [ET_NET 8] WARNING: Core server certificate
verification failed for (www.xxx.at). Action=Continue Error=unable to
get local issuer certificate server=w40.xxx.at(10.19.0.40) depth=2
the remap.config looks like this: (i had to use the www-mappings because
the redirect parameter is ignored - but thats a different issue)
# redirect http://www.xxx.at/ http://xxx.at/
# redirect https://www.xxx.at/ https://xxx.at/
#i tried also:
# redirect http://www.xxx.at/ http://w40.xxx.at/
# redirect https://www.xxx.at/ https://w40.xxx.at/
-------
map http://www.xxx.at/ http://w40.xxx.at/
##reverse_map http://w40.xxx.at/ http://www.xxx.at/
map https://www.xxx.at/ https://w40.xxx.at/
#reverse_map https://w40.xxx.at/ https://www.xxx.at/
map http://xxx.at/ http://w40xxx.at/
reverse_map http://w40.xxx.at/ http://xxx.at/
map https://xxx.at/ https://w40.xxx.at/
reverse_map https://w40.xxx.at/ https://xxx.at/
------------
ssl-multicert.config
------------------------
dest_ip=111.111.111.111 ssl_cert_name=/opt/ts/etc/ssl/certs/xxx.pem
ssl_key_name=/opt/ts/etc/ssl/keys/xxx.private.pem
ssl_ca_name=/opt/ts/etc/ssl/certs/ca.pem
dest_ip=* ssl_cert_name=/opt/ts/etc/ssl/certs/xxx.pem
ssl_key_name=/opt/ts/etc/ssl/keys/xxx.private.pem
ssl_ca_name=/opt/ts/etc/ssl/certs/ca.pem
-----------------------------------
splitdns.config
----
dest_domain=xxx.at named=10.19.0.9 def_domain="xxx.at" search_list="xxx.at"
dest_domain=!xxx.at named=10.19.0.201
-----------
