Date: Wed, 18 Jul 2001 10:42:41 -0700 From: Sean Peck <seanp@loudcloud.com> To: Ryan Thompson <ryan@sasknow.com> Cc: BSD Freak <bsd-freak@mbox.com.au>, FreeBSD Questions <freebsd-questions@FreeBSD.ORG> Subject: Re: SSL Certificates Message-ID: <3B55CA90.4C2A12E5@loudcloud.com> References: <20010718004526.E514-100000@home.sasknow.net>
next in thread | previous in thread | raw e-mail | index | archive | help
If you are going to go for a *.yourname.com you will save a good bit of money and a lot less paperwork if you go get it from thawte.com instead of verisign. Ryan Thompson wrote: > BSD Freak wrote to FreeBSD Questions: > > > Hiya all, > > > > I need to host multiple SSL sites on my FreeBSD 4.3 box. I am > > currently using Apache 1.3 + mod_ssl and am using name based virtual > > hosts. I don have a lot of experience with SSL but maybe someone out > > ther has. > > > > My question is do I need a seperate digital certificate for each > > virtual host? Going by the Verisign documentation it seems so but is > > not 100% clear. > > You normally need a different digital certificate for each common name (a > common name is a complete hostname, like www.yourname.com). Verisign will, > however, for a bigger price, issue wildcard certs based on a 2nd level > domain, that will match *.yourname.com, for example. Some other cert > issuers (like Thawte) offer the same. This assumes you do not want your > users to go through the hassle or uncertainty of authorizing a > certificate. If you don't care about that, you can self-sign your own > certificates and not bother paying a CA, for that matter). > > And, unfortunately, name based virtual hosting does not work with SSL. > Every different SSL virtual host needs a unique IP address. You must use > IP-based virtual hosting. If you don't have access to spare IP addresses, > virtually hosting multiple SSL sites won't work. > > > Does anyone know there answer for certain? > > Been there, done that, got the bigger netblock, so yes, quite certain. :-) > > - Ryan > > > > > Thank in advance... > > > > --------------------------------------------- > > Receive faxes 24x7, no second line necessary. > > http://www.mbox.com.au/ > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-questions" in the body of the message > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message -- Garbage Collection... the bell bottoms of programming.. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3B55CA90.4C2A12E5>