Certs for securing connections have always been a "black art" to me. So, I have a feeling that a few of you on this list will probably have some good ideas for us.
We run a lot of Apache web servers on zLinux (SLES 11 mainly). Several are "general use" web servers, i.e. we have a lot of little web sites running as vhosts on one virtual server. They all share the same IP address and Apache sorts out "who is who" on the incoming transaction based on the URL requested. Now, from what little I understand of certs, there can be only 1 per IP address. So, if we get cert for the general use web server, it will apply to all vhosts on that server. If we want individual certs for each vhost, we would have to supply an IP/NIC for each. Do I have that correct? If so, any ideas on how to get around that? For example, could we host multiple IPs from the same NIC if the server is on a layer 2 vswitch? (Will it do trunking, basically?) Is there an easier way to approach this? Martha ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/
