-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
One other option that might be a little cheaper:
Thawte WILL issue .foo.com certs. They're more expensive than a
single cert, but I think it still comes to less than two certs from
Verisign.
Having used Thawte for all of our keys over the last few months, I am
VERY satified with their service. We have renewals done in under 24
hours, and new keys are 72 hours MAX.
Best regards,
Zac Bedell
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Friday, July 21, 2000 1:21 PM
> To: [EMAIL PROTECTED]
> Subject: RE: SSL in a Clustered Setup
>
>
> In my experience:
>
> 1) Verisign will not issue a certificate like .foo.com (maybe
> the SSL spec
> doesn't allow, I dunno).
> 2) The certificate "name" needs to match the name of the
> server requested by
> the browser.
>
> I have handled this by
> 1) buying one certificate for each box using that box's DNS name
> (www1.foo.com, www2.foo.com)
> 2) Setting up DNS round-robin for www.foo.com that points to
> www1 and www2
> 3) making the "entry points" to the site that I would
> advertise and link to
> non-SSL pages.
> 4) Allowing all internal links to be box-specific (www1, www2)
>
> I use ClusterCats, and it will redirect between boxes even if
> the request is
> SSL.
>
> HTH
>
> -----Original Message-----
> From: JustinMacCarthy [mailto:[EMAIL PROTECTED]]
> Sent: Friday, July 21, 2000 1:05 PM
> To: [cftalk]
> Subject: SSL in a Clustered Setup
>
>
> This is a multi-part message in MIME format.
>
> ------=_NextPart_000_00D3_01BFF33E.37822060
> Content-Type: text/plain;
> charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
>
> Hi All,
>
> Can anyone tell me what the issues are in implementing
> SSL certs in =
> a clustered setup. I have www1.foo.com and www2.foo.com with =
> LocalDirector spliting the load.
> Do I need two certs??? Does the user need to remain on the
> same box for =
> SSL to work ?
>
> Thanks=20
>
> ~Justin=20
>
> ------=_NextPart_000_00D3_01BFF33E.37822060
> Content-Type: text/html;
> charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
>
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
> <HTML><HEAD>
> <META content=3D"text/html; charset=3Diso-8859-1" =
> http-equiv=3DContent-Type>
> <META content=3D"MSHTML 5.00.2920.0" name=3DGENERATOR>
> <STYLE></STYLE>
> </HEAD>
> <BODY bgColor=3D#ffffff>
> <DIV><FONT face=3DArial size=3D2>Hi All,</FONT></DIV>
> <DIV><FONT face=3DArial size=3D2></FONT> </DIV>
> <DIV><FONT face=3DArial size=3D2> Can
> anyone tell me =
> what the=20
> issues are in implementing SSL certs in a clustered
> setup. I have=20
> www1.foo.com and www2.foo.com with LocalDirector spliting the =
> load.</FONT></DIV>
> <DIV><FONT face=3DArial size=3D2>Do I need two certs??? Does
> the user =
> need to remain=20
> on the same box for SSL to work ?</FONT></DIV>
> <DIV> </DIV>
> <DIV><FONT face=3DArial size=3D2>Thanks </FONT></DIV>
> <DIV> </DIV>
> <DIV><FONT face=3DArial size=3D2>~Justin
> </FONT></DIV></BODY></HTML>
>
> ------=_NextPart_000_00D3_01BFF33E.37822060--
>
> --------------------------------------------------------------
> --------------
> --
> Archives: http://www.mail-archive.com/[email protected]/
> To Unsubscribe visit
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=list
s/cf_talk or
send a message to [EMAIL PROTECTED] with
'unsubscribe' in
the body.
- ----------------------------------------------------------------------
- --------
Archives: http://www.mail-archive.com/[email protected]/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_tal
k or send a message to [EMAIL PROTECTED] with
'unsubscribe' in the body.
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.3 for non-commercial use <http://www.pgp.com>
Comment: Please use PGP!!!
iQA/AwUBOXxpXgraVoMWBwRBEQKuIwCeI7dp3CZx9NmrZWSFLlWoMTAD7BUAoP2b
7u8nv+ILN7l6+dne95Q+yR9A
=oZK/
-----END PGP SIGNATURE-----
------------------------------------------------------------------------------
Archives: http://www.mail-archive.com/[email protected]/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
