I think this question may be more general than OpenSSL, and will expose my SSL n00biness, but I'm not sure where to turn.
I'm working on integrating the use of openssl on an embedded target which I have widely distributed in the field. The issue I have is that each target is nestled within someone elses private network, and I have no control over the IP address, nor domain name assignment, yet I still want to be able to setup secure web communications between the target and client. What I want is to use a single certificate request file, and have a single private key for each of my deployed servers, each of which will have a different domain name and IP address. >From what I understand, using the same certificate and server private key is not possible, so I have to generate and get signed a certificate for each and every one of the thousand units I have deployed. To compound the difficulty, since these are small embedded targets, the certificate and key needs to be compiled into the target code at build time, so I have to make 1000 different builds, one for each target. This just seems wrong. Can someone help me get my learn on? Thomas Taranowski Certified netburner consultant baringforge.com
