Here's something that didn't seem to be a problem till I started thinking about it... On one of our webservers we have two instances of apache (they run as different UIDs and generally don't have access to one another's resources).
One of them uses cosign, and the other doesn't, but I'd kind of like the other one to use cosign too. What's the right way to do this? At first I thought that running them off the same certificate, and the same /var/cosign/* would be fine, but I'm not sure now. Or am I worrying over nothing? Alternatively I could use separate certificates, separate cosign directories etc, but is having two certificates with the same DN going to be a problem? I think that might be worse. I'm starting to wonder if it would be easier to move the second web service onto a different box (it doesn't do much work, so it could go on a VM) Steve Bennett, Lancaster University. ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Cosign-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/cosign-discuss
