>-----Original Message----- >From: Owen Boyle [mailto:[EMAIL PROTECTED]] >Sent: 11 February 2002 16:26 >To: [EMAIL PROTECTED] >Subject: Re: Multople VH with same certificate? > > >Santosh Deshpande wrote: >> >> hi all, >> I would like to know whether a SSL certificate is issued >to a specific >> domain? > >Yes - a normal certificate has the fully-qualified domain name >in it. If >you use the cert on another site, the browser will trap it and >pop up an >alert that the cert doesn't match the FQDN. > >> Can I run have two vhosts configured with a single certificate >> e.g. www.mydomain.com ( 213.x.x.x:443) >> and sub.mydomain.com ( 213.x.x.y:443) > >SSL doesn't care about the IP addresses. If you run two sites like this >with one cert, it will "work" - but the browser will throw up an alert >which might frighten off customers. > >I've heard you can get a wildcard certificate which will match >*.mydomain.com - from Thwate, I think. > Here at RNIB we've been using a wildcard certificate from Thawte (www.thawte.com, pronounced "thought") since July 1999, mainly because of the hassle of maintaining several certificates. <flame war commences>. Recently, it simply been more economical to pay $500 for a wildcard certificate than for several $100 certificates (the price may have changed since our last renewal).
In all that time I've not received any complaints that someone couldn't connect to our secure site. We've had 128bit security since 1997, again without much difficulty. A while ago we had some problems internally with IE and SSL. IIRC that was with IE5.0 and no service packs. We currently use IE5.5SP2 corporately (yuk!) again without SSL related problems. Of course, YMMV. In an event, you'll find Thawte staff very helpful. - John Airey Internet systems support officer, ITCSD, Royal National Institute for the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED] Agnostic (Greek) = Ignoramus (Latin) - NOTICE: The information contained in this email and any attachments is confidential and may be legally privileged. If you are not the intended recipient you are hereby notified that you must not use, disclose, distribute, copy, print or rely on this email's content. If you are not the intended recipient, please notify the sender immediately and then delete the email and any attachments from your system. RNIB has made strenuous efforts to ensure that emails and any attachments generated by its staff are free from viruses. However, it cannot accept any responsibility for any viruses which are transmitted. We therefore recommend you scan all attachments. Please note that the statements and views expressed in this email and any attachments are those of the author and do not necessarily represent those of RNIB. RNIB Registered Charity Number: 226227 Website: http://www.rnib.org.uk 14th June 2002 is RNIB Look Loud Day - visit http://www.lookloud.org.uk to find out all about it. ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
