Docsright arrowEmissary-ingressright arrowServer Name Indication (SNI)

2 min • read

Server Name Indication (SNI)

Emissary-ingress supports serving multiple Hosts behind a single IP address, each with their own certificate.

This is as easy to do as creating a Host for each domain or subdomain you want Emissary-ingress to serve, getting a certificate for each, and telling Emissary-ingress which Host the route should be created for.

The example below configures two Hosts and assigns routes to them.

Configuring a Host

The Host resources lets you separate configuration for each distinct domain and subdomain you plan on serving behind Emissary-ingress.

Let's start by creating a simple Host and providing our own certificate in the host-cert secret.

Now let's create a second Host for a different domain we want to serve behind Emissary-ingress. This second Host uses Ambassador Edge Stack's automatic TLS to get a certificate from Let's Encrypt.

We now have two Hosts with two different certificates.

Configuring routes

Now that we have two domains behind Emissary-ingress, we can create routes for either or both of them.

We do this by setting the hostname attribute of a Mapping to the domain the Mapping should be created for.

The above creates a /httpbin/ endpoint for

The above creates a /foo/ endpoint for

The above creates a /bar/ endpoint for all Hosts.