Mulitple SSL Certificates
This is a discussion on Mulitple SSL Certificates within the Apache Web Server forums, part of the Web Server and Related Forums category; Hello, Apache 1.3.19 SSL AIX 4.3 I have a requirement to run multiple secure domains (different certificates) ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
07-28-2003
|
|||
|
|||
Mulitple SSL Certificates
Hello,
Apache 1.3.19 SSL AIX 4.3 I have a requirement to run multiple secure domains (different certificates) on a single RS6000. It seems I've read at apache.org or thawte.com somewhere that it is not recommended. If this is true, does anyone have any recommendations? So far, I cannot get it to work at all. I've tried using multiple apache installations (ie. /web/apache_1.3.19/ and /web/apache_1.3.19_other/ ) and starting them. Both start, and both ask for the right certificate PEM, but then when I visit the sites via a browser, one of them says there is a problem with the certificate. Any help would be greatly appreciated. Thanks, Mike |
|
07-29-2003
|
|||
|
|||
|
Re: Mulitple SSL Certificates
On Mon, 28 Jul 2003, Michael Fletcher wrote:
> Hello, > > Apache 1.3.19 SSL > AIX 4.3 > > I have a requirement to run multiple secure domains (different certificates) > on a single RS6000. It seems I've read at apache.org or thawte.com > somewhere that it is not recommended. If this is true, does anyone have any > recommendations? So far, I cannot get it to work at all. I've tried using > multiple apache installations (ie. /web/apache_1.3.19/ and > /web/apache_1.3.19_other/ ) and starting them. Both start, and both ask for > the right certificate PEM, but then when I visit the sites via a browser, > one of them says there is a problem with the certificate. > > Any help would be greatly appreciated. It can be done, but the problem is that of security. If running only one main web server serving all the domains, it means that the certificates must all be readable to the same user (the one that the server runs as). That means that the server serving one domain can access the certificates of the other domains, and that's the concern. |
|
07-29-2003
|
|||
|
|||
|
Re: Mulitple SSL Certificates
"Michael Fletcher" <mikelolita@yahoo.com> escribió en el mensaje
news:_OeVa.17973$v9.16487@nwrddc01.gnilink.net... > I have a requirement to run multiple secure domains (different certificates) > on a single RS6000. It seems I've read at apache.org or thawte.com > somewhere that it is not recommended. If this is true, does anyone have any > recommendations? So far, I cannot get it to work at all. I've tried using > multiple apache installations (ie. /web/apache_1.3.19/ and > /web/apache_1.3.19_other/ ) and starting them. Both start, and both ask for > the right certificate PEM, but then when I visit the sites via a browser, > one of them says there is a problem with the certificate. Please note these two things: * Certificates are attached to a fully qualified domain name. If you use www.server.com's cert in mail.server.com it will work but browser will complain. * HTTPS negociation is one layer above name based servers, so you need a unique IP/port combination for each server. Otherwise you'll be using the same cert for all and browser will complain. I hope this helps. |
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
All times are GMT +1. The time now is 05:29 PM.
