There's no difference between using a wildcard cert compared to any other.
So you need just SSLCertificateFile and SSLCertificateKeyFile lines to point
to the certificate and key respectively. I then match servername to the name
of the host I'm serving. I don't even know if it's necessary, but I'm the
kind of person who would put an elephant in Cairo to make sure the pachyderm
program terminates correctly, if you know what I mean.
As for problems using them, we have used a wildcard certificate for about
two years now and haven't come across any difficulties so far. Being a large
organisation and a charity the same key is used for internal and external
systems rather than pay for a key on every machine. We use IE internally on
a large scale and haven't experienced problems (so far).
However, it must be said that Microsoft's implementation of SSL on IE,
including wildcard certs leaves a lot to be desired. But I would see that as
little reason not to use a wildcard certificate. If you are using or
intending to use more than five secure sites it's probably just what you
need.
However, the final choice is up to you! You can also talk to Thawte about it
as well and their technicians are available at http://thawte.chatspace.com/
AFAIK Thawte are the only people that do wildcard certs. And I don't get
commission for every wildcard cert that I recommend. (Not yet anyway).
-
John Airey
Internet Systems Support Officer, ITCSD, Royal National Institute for the
Blind,
Bakewell Road, Peterborough PE2 6XU,
Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED]
-----Original Message-----
From: David Rees [mailto:[EMAIL PROTECTED]]
Sent: 20 July 2000 21:00
To: [EMAIL PROTECTED]
Subject: RE: Opinions
Shouldn't be a problem. When building apache, just specify a
different --prefix.
Don't know about the wildcard certs, though.
-Dave
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of callen
> Sent: Thursday, July 20, 2000 12:44 PM
> To: [EMAIL PROTECTED]
> Subject: Opinions
>
>
> Hola,
>
> I have a two-parter:
>
> <>
> I am looking for general opinions on the following situation.
>
> I am thinking of running two apache binaries:
>
>
> 1 to service regular vhosted websites (port 80 only , with php3,
> mod_perl, mod_proxy)
>
> 1 binary to handle modssl with a wildcard cert. (port 443-8443 etc
> only), what I am wondering is their a chance that these binaries will
> intercept each others data? As far as my understanding this is
> httpd.conf's issue and as long as I set these up correctly one hand
> won't see the other hand, correct?
>
> <>
>
>
>
> What has anyone found out about the Wildcard cert as far as
> incompatibilities go? Besides the IE probs? Will anyone post a sample
> vhost snip using the wildcard cert?
>
>
> Thank you,
>
>
>
> --
> Christopher C.M. Allen
> http://design.driver8.org/
> Email: [EMAIL PROTECTED]
> Cell : 1.715.821.4006
> Home Phone: 1.715.426.6661
> ______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
