Might be I just was to stupid to put the extensions there in the right manner...perhaps you can get such a certificate for me :)There is another alternative: Use one single certificate with multiple DNS Subject Alternative Names. That way you can have as many SSL vhosts on one single port as you like.But current browsers dont support this and will bring an alert that the DOmain does not match the certificate ! (At least when I tried this some month ago I had the issue with IE and FF)interesting, my customer is doing this with an internal web hosting services. AFAIK they are running a web server with a Server Cert that contains 20+ DNS SANs. I haven't verified this myself, though, so I'll ask the guys who are using this here. (I do know that web browsers at least honour the DNS SAN extension for a single value, why should they ignore it when there are multiple values?)
Oliver -- Diese Nachricht wurde digital unterschrieben oliwel's public key: http://www.oliwel.de/oliwel.crt Basiszertifikat: http://www.ldv.ei.tum.de/page72
smime.p7s
Description: S/MIME Cryptographic Signature
