You can install the same certificate on multiple machines.

The certificate should contain the virtual server NAME in the
SSL_SERVER_S_DN_CN field (Common Name) - e.g. www.mysite.com

The browser will check that the certificate and the url match - eg
browser asked for https://www.mysite.com/somepage and the certificate is
issued to www.mysite.com. If the names do NOT match, the user will be
warned that the server name and certificate do not match.

So if you have the same virtual site implemented on multiple servers,
they can happily share the same server cert - you just need to install
the cert files on both servers.

Regards
Jeff

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Greg Jones
Sent: 09 May 2002 17:03
To: [EMAIL PROTECTED]
Subject: Certificates and Apache/modssl


All-

We are planning on using commercial load balancing software for two
servers
running apache with modssl. Does Apache with modssl require that each
server
have its own certificate or can I use the same certificate on both
servers
since they'll be answering to the same virtual ip? Also, will my
certificate
be based on the virtual ip or the ip of the server. Users will always
get to
the web servers via virtual IP.

Thanks,

Greg Jones
Voice Portal Systems Administrator

______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]


______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to