Multiple SSL certificates on a single RackConnect cloud server (PAT)
Each cloud server comes with a single private IP address. When leveraging RackConnect, if you need direct access to the cloud server from the Internet, you can use the public IP address assigned to your RackConnect cloud server (the Provision public IP address automation feature must be enabled). This public IP address leverages a Network Address Translation (NAT) on your network device to translate the public IP address to the private IP address of your cloud server.
Sometimes, you need to have more than one public IP address assigned to a single cloud server. The most common case is when you are hosting multiple SSL sites on a single cloud server and cannot use a wildcard certificate. Because only one private (10.x) address is allowed on each cloud server, you can accomplish this setup by leveraging Port Address Translation (PAT) instead of NAT on your network device.
For example, if you have a single cloud server that you want to use to
https:// www.example-domain.com and
www.example-domain-2.com, you could set up your network device as
- The cloud server private IP address is 10.1.1.1.
- DNS points
www.example-domain.comto the public IP address 188.8.131.52.
- DNS points
www.example-domain-2.comto the public IP address 184.108.40.206.
- The PAT entry on the network device points 220.127.116.11 port 443 to 10.1.1.1 port 8443.
- The PAT entry on the network device points 18.104.22.168 port 443 to 10.1.1.1 port 8444.
On your cloud server, you would configure your web server software (for example, Apache or IIS) to listen on ports 8443 and 8444. They could distinguish the destination site for the encrypted traffic based on the unique port number.
If you need help setting up PAT on your network device, contact your Dedicated Support team.
©2020 Rackspace US, Inc.
Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License