You might be able to use a SSL terminator.
In this case, a seperate machine acts as a proxy to your sites and handles
SSL for you. The ssl load is handled by the proxy machine and your web
servers are somewhat protected.
This is commonly used when you want to use SSL, and you still want your
Is there some SSL limitation that only allows 1 Certificate per IP
address?
Yes, or at least that's my understanding. The SSL negotiation is done before
the Host: header can be sent.
James
Hello,
Yeah, that's a good text, I'll add it. Thanks Mike!
Regards,
Karl Avedal
David Ekholm wrote:
That's what I call an answer! It explained a lot. Orion guys, pleas add that
to your SSL howto.
You can also retrieve a cert+CAcert already chained right from Thawte.
Select an SSL type
- Original Message -
From: "Kit" [EMAIL PROTECTED]
To: "Orion-Interest" [EMAIL PROTECTED]
Sent: Thursday, October 12, 2000 4:54 PM
Subject: SSL question
Hi all
I have a problem using the command below.
keytool -keystore keystore -keyalg "RSA" -import -trustcacerts -file
That's what I call an answer! It explained a lot. Orion guys, pleas add that
to your SSL howto.
You can also retrieve a cert+CAcert already chained right from Thawte.
Select an SSL type test cert and also check the chaining setting on the web
page for test cert generation.
/David
- Original
the first line is correct. it's telling you that this certificate does not
match the private key (which you made with -genkey first, right?) in your
keystore.
in the second one you didn't specify where your keystore is.
this this and see if you have both the private key and the certificate in