Looking for the best way to host thousands of SSL certificates issued by public providers
Each of these certs will be issued on a unique FQDN with no common DNS zone within the name. Think thousands of unique small businesses wanting hosting of their unique registered domain name. Only two VIPs would front the application - one for http and one for https.
I assume there is a limit on the number of SNI stacked SSL client profiles assigned to a VIP - I could not find any specifics on that limitation. Also, any know performance levels with loaded SNI certs?
Appreciate any and all feedback!
seems asked before : https://devcentral.f5.com/questions/maximum-number-of-client-ssl-profiles-per-virtual-server-53286
SSL TPS you may need to consider.
Appreciate the reply however,
An answer of "I think it should be...." could not be consider definitive. Also, the referenced link just shows how to add a SNI profile based scenario and has no reference to any limitations or performance characteristics. When talking thousands of items performance is a major concern.
As such there is no limit as per RFC. It will depend on CA.
From an implementation standpoint, many certificate authorities limit the number of SAN domains to as low as 25 entries to as high as 100, as per following link: