You may try to use multiple host names in a single cert. Tested with apache
only, not with resin. Anyway, all vhosts have to use the same cert. Maybe
some of the following notes can help:

- csr generation tool using subjectAltName extension

- csr generation by script (will add subjectAltName extension to conf)
        sh csr

- modifying opennssl.cnf in order to sign request with extension
        [ v3_ca ]
        subjectAltName = critical,DNS:localhost1,DNS:localhost2

- signing the cert request
        openssl x509 -req -days 99 -extfile /etc/ssl/openssl.cnf \
                -extensions v3_ca -in lxwww2_csr.pem \
                -signkey host_privatekey.pem -out host_crt.pem

- check csr and crt (must contain X509v3 Subject Alternative Name)
        openssl req -in host_csr.pem -noout -text
        openssl x509 -in host_crt.pem -noout -text

- security issuses with subjectAltName and esp. wildcards:

- browser compability and

Best regards

-----Urspr√ľngliche Nachricht-----
[mailto:[EMAIL PROTECTED] Im Auftrag von Mattias Jiderhamn
Gesendet: Montag, 29. September 2008 12:24
An: Resin
Betreff: [Resin-interest] SSL - Different cert per virtual host?

Hi, I want to know if it is possible to set up Resin to use multiple SSL
certificates on the same server, each used for a different (virtual) host?

That is, I want the same Resin instance to correspond both to
with its SSL certificate and with its SSL certificate (on the
same port). Is that possible? How?


resin-interest mailing list

resin-interest mailing list

Reply via email to