I came up with a solution. What I did was to get one cert that covers multiple https websites. Letsencrypt.com permits you to have multiple hostnames. The software certbot allows you to put multiple FQDNs in a single request or to extend any existing cert. The certs from letsencrypt.com is not tied to an IP address, so if your external facing IP address changes, that presents no issues.
On the plus side, since all communications between squid and the server are over http, that relieves the already busy webserver from the jobs of encrypting/decrypting and places it on the reverse proxy. Starting next year, letsencrypt will start issuing wildcard certs. -- Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
