In my experience:
1) Verisign will not issue a certificate like .foo.com (maybe the SSL spec
doesn't allow, I dunno).
2) The certificate "name" needs to match the name of the server requested by
the browser.
I have handled this by
1) buying one certificate for each box using that box's DNS name
(www1.foo.com, www2.foo.com)
2) Setting up DNS round-robin for www.foo.com that points to www1 and www2
3) making the "entry points" to the site that I would advertise and link to
non-SSL pages.
4) Allowing all internal links to be box-specific (www1, www2)
I use ClusterCats, and it will redirect between boxes even if the request is
SSL.
HTH
-----Original Message-----
From: JustinMacCarthy [mailto:[EMAIL PROTECTED]]
Sent: Friday, July 21, 2000 1:05 PM
To: [cftalk]
Subject: SSL in a Clustered Setup
This is a multi-part message in MIME format.
------=_NextPart_000_00D3_01BFF33E.37822060
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Hi All,
Can anyone tell me what the issues are in implementing SSL certs in =
a clustered setup. I have www1.foo.com and www2.foo.com with =
LocalDirector spliting the load.
Do I need two certs??? Does the user need to remain on the same box for =
SSL to work ?
Thanks=20
~Justin=20
------=_NextPart_000_00D3_01BFF33E.37822060
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content=3D"text/html; charset=3Diso-8859-1" =
http-equiv=3DContent-Type>
<META content=3D"MSHTML 5.00.2920.0" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>Hi All,</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2> Can anyone tell me =
what the=20
issues are in implementing SSL certs in a clustered setup. I have=20
www1.foo.com and www2.foo.com with LocalDirector spliting the =
load.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>Do I need two certs??? Does the user =
need to remain=20
on the same box for SSL to work ?</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>Thanks </FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>~Justin </FONT></DIV></BODY></HTML>
------=_NextPart_000_00D3_01BFF33E.37822060--
----------------------------------------------------------------------------
--
Archives: http://www.mail-archive.com/[email protected]/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.
------------------------------------------------------------------------------
Archives: http://www.mail-archive.com/[email protected]/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
