• 13

We currently host multiple sitecore sites on a rackspace cloud server, we have 5 sites, with 5 IPs and with 5 SSLs. Because rackspace will only allow 4 additional IPv4 addresses on a box we're at the limit of what we can do. Also with Sitecore licencing costs being somewhat astronomical we're trying to investigate how we can expand our solution without having to purchase another software licence.

Our setup is currently simple,

  • 1 Rackspace cloud Server
    • www.1site1.com x.x.x.1 SSL1
    • www.2site2.com x.x.x.2 SSL2
    • www.3site3.com x.x.x.3 SSL3
    • www.4site4.com x.x.x.4 SSL4
    • www.5site5.com x.x.x.5 SSL5

I've been reading this - http://digital.bigfish.co.uk/2012/04/ssl-in-the-rackspace-cloud/ and I'm now confused over what a load balancer could and couldn't enable us to achieve. In theory it sounds like a great solution to our problem - but I may not be understanding it all correctly.

If we were to use an SSL Terminating LB, would we be able to have all these sites on the one cloud server, with all their respective SSLs on the LB?

  • Rackspace SSL Terminating Load Balancer [SSL1 SSL2 SSL3 SSL4 SSL5]
  • Rackspace Cloud Server [ site1 site2 site3 site4 site5 ]

Or does the Load Balancer expect multiple cloud servers each with their own SSL as opposed to separate sites on one box.

Likewise if we went the other way of having a LB for HTTP and a LB for HTTPS, would they all tie to one external IP and effectively listen to the same port 443 before directing internally

  • Port 80 HTTP (LB1)
  • Port 443 HTTPS (LB2)
    • Cloud Server Port 443 - www.1site1.com
  • Port 443 HTTPS (LB3)
    • Cloud Server Port 444 - www.2site2.com
  • Port 443 HTTPS (LB4)
    • Cloud Server Port 445 - www.3site3.com
  • Port 443 HTTPS (LB5)
    • Cloud Server Port 446 - www.4site4.com
  • Port 443 HTTPS (LB6)
    • Cloud Server Port 447 - www.5site5.com

Or would we need separate IPs for each - therefore not changing the current (IP Limited) situation at all.

Yes, you can use SNI if your load balancer supports it (and your traffic from Windows XP users is minimal), but you really should be accelerating your IPv6 deployment for a long-term solution.

  • 1
Reply Report
      • 1
    • You absolutely must have one IPv4 address per site, then. Be sure to specify that you can't use SNI due to IE on XP when you fill out your IP justification form.
    • I have looked into SNI but we develop for many corporate clients who are primarily using an IE7 XP Combo so it's not really a viable option at the moment.

Warm tip !!!

This article is reproduced from Stack Exchange / Stack Overflow, please click

Trending Tags