Justin, Fri, Jan 09, 2004 at 03:12:51PM -0000:
> Using 1) By one cert for FQDN www.mydomain.com , and copy to each server.
OK
> Using 2) I need to purchase 3 certs using server1.mydomain.com,
> server2.mydomain.com, serverN.mydomain.com as FQDNs.
No, you need to purchase 3 licenses for the same cert - but this depends
on the license agreement between you and the CA.
> If I have a multiple sites on serverN.mydomain.com, in addition to
> mydomain.com, and using host headers, does that cause any problems?
Yes, if they use the same IP. SSL transaction (certificate presentation)
comes BEFORE the client can send host headers, so it's an 1:1
relationship between IPs and certs. If you want multiple SSL websites
on the same machine you must have multiple IPs, each with its cert
(see point 1), since a certificate has a CN field that must be identical
to the host header of the site, or you'll get a warning from the browser.
p.
--
pbm - "Earn cash in your spare time: blackmail your friends."
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
