RE: CNAME question/problem

John . Airey Fri, 25 May 2001 07:24:57 -0700
If you have the old certificate you could use two IP numbers and use
mod_proxy to divert to the new site (on a different IP number). Of course,
if the old certificate has expired then you'll still get a warning about the
old certificate.

The only other solution is to buy another certificate for your old domain
and again use mod_proxy to divert to the new site. There is no other
solution, as any other solution would break the whole principle of
certifying the authenticity of domains (which is what your verisign
certificate does).

- 
John Airey
Internet Systems Support Officer, ITCSD, Royal National Institute for the
Blind,
Bakewell Road, Peterborough PE2 6XU,
Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED] 


> -----Original Message-----
> From: Robin P. Blanchard [mailto:[EMAIL PROTECTED]]
> Sent: 21 May 2001 12:52
> To: [EMAIL PROTECTED]
> Subject: CNAME question/problem
> 
> 
> the scenario:
> 
> old webserver (www.blahblahblah.edu) had a verisign cert. our 
> organization
> recently purchased www.blahblahblah.org and a corresponding 
> thawte cert.
> we want to phase out www.blahblahblah.edu, entirely. i've 
> setup mod_rewrite
> to rewrite www.blahblahblah.edu -> www.blahblahblah.org ; but 
> users can
> still access www.blahblahblah.edu as it points to the same IP 
> address. they
> therefore get a broswer warning that the cert 
> (www.blahblahblah.org) doesn't
> match the machine name they've requested 
> (www.blahblahblah.edu). is there a 
> way to force a canonical name? ie, listen on an ip address 
> and force use of
> a machine name?
> 
> 
> -- 
> ------------------------------------
> Robin P. Blanchard
> IT Program Specialist
> Georgia Center for Continuing Ed.
> fon: 706.542.2404 fax: 706.542.6546
> email: [EMAIL PROTECTED]
> ------------------------------------
> ______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
> User Support Mailing List                      [EMAIL PROTECTED]
> Automated List Manager                            [EMAIL PROTECTED]
> 
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]
RE: CNAME question/problem

Reply via email to
