Daniel Chester wrote:
> Just to get complete understanding about the actual Certs that one
> would
> buy from someone like Verisign. Do you need 1 cert per Apache server,
>
> one per domain/IP address, or one per host on the domain?
A certificate binds to a domain name, so you would need one cert per
domain name.
ie: http://www.blah.com needs one certificate, regardless if on the
backend there are 20 load balanced machines with twenty different IP
addresses. If you have www1.blah.com and www2.blah.com, you would need
two certificates - because you have two names.
But, just to make things interesting: If you buy a wildcard certificate
from Thawte (now part of Verisign) with the name *.blah.com, then it
will match both www1.blah.com or www2.blah.com (or in fact
<anything>.blah.com). Upside: buy one certificate and use it with a
whole lot of websites under the same domain. Possible downside: doesn't
work with MSIE v3. Up to you whether you care.
Regards,
Graham
--
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
