Assuming you support SSL/TLS, how do you get around matching a server certificate CN to each of your per-user DNS entries? Do you use wildcard certificates?
Yes, we use wildcard certificates.
By the way, the DNS server for that zone is tied to the accounting system, as opposed to having manually-edited zone files.
-- Mark --
http://staff.washington.edu/mrc Science does not emerge from voting, party politics, or public debate. Si vis pacem, para bellum.
