Hi, >> There is another alternative: Use one single certificate with multiple >> DNS Subject Alternative Names. That way you can have as many SSL >> vhosts on one single port as you like. >> > But current browsers dont support this and will bring an alert that the > DOmain does not match the certificate ! > (At least when I tried this some month ago I had the issue with IE and FF)
interesting, my customer is doing this with an internal web hosting services. AFAIK they are running a web server with a Server Cert that contains 20+ DNS SANs. I haven't verified this myself, though, so I'll ask the guys who are using this here. (I do know that web browsers at least honour the DNS SAN extension for a single value, why should they ignore it when there are multiple values?) cu Martin ------------------------------------------------------- SF.Net email is sponsored by: Tame your development challenges with Apache's Geronimo App Server. Download it for free - -and be entered to win a 42" plasma tv or your very own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php _______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users
