Re: Multiple web hosts and SSL

From: Karl Levinson [x y] mvp (jamescagney90210@excite.com)
Date: 01/20/03 

From: "Karl Levinson [x y] mvp" <jamescagney90210@excite.com>
Date: Mon, 20 Jan 2003 08:18:06 -0500

It is possible to create a "wildcard" cert using the name *.domain.com
though there may be some limitations on which browsers [or servers?] can use
them successfully. I think the story is that Windows 2000 with no service
packs had problems with wildcard certs, until service pack 1 or later was
installed. [Of course with many problems like this with certificates, the
encryption still works, but the users first get a popup message that sounds
like a fatal error.]

The price is not the same as non-wildcard certificates... one provider
charges $500 per wildcard cert.

In general I like using www.entrust.net instead of verisign, they're both
owned and signed by the same people, but entrust certs are like a third of
the price, around $120 / year for non-wildcard certs.

For more information on this or just about any other question you might have
about computers or anything else, try searching www.google.com, such as:
http://www.google.com/search?hl=en&ie=ISO-8859-1&q=wildcard+ssl+certificate
http://groups.google.com/groups?q=wildcard+ssl+certificate

For general information on SSL certificates and any other question you might
have about IIS, see www.iisfaq.com/ssl

"Wizard" <W1ld0ne74@hotmail.com> wrote in message
news:#CBm8JIwCHA.2424@TK2MSFTNGP10...
> My question is simple, I hope the answer is just as simple.
>
> Can a single SSL certificate service multiple host servers on a single
> domain?
>
> We want to implement a load balancing system that redirect clients to the
> least loaded server.
>
> Example: Requests come in to www.domain.com. This server checks the load
on
> a couple of servers named ww1.domain.com, ww2.domain.com and
> ww3.domain.com.... Do I need a separate SSL certificate for each host or
> can they all use a single certificate for domain.com?
>
> I would appreciate any help and/or references
>
> Thanks
> David
>
> 

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.443 / Virus Database: 248 - Release Date: 1/10/2003

Relevant Pages

  • Re: Good book on SSL and Exchange
    ... >servers and how to set up secure access from the internet for these servers. ... >What certs should I load where should I load the certificates ...
    (microsoft.public.exchange2000.general)
  • Re: How to fix broken security in Windows 2000?
    ... mvp) post all this stuff? ... >> involved in importing security certificates. ... > and Microsoft code signing are not proof that Microsoft is writing ... > past two days you have said that certs are missing, ...
    (microsoft.public.win2000.windows_update)
  • Re: How to fix broken security in Windows 2000?
    ... mvp) post all this stuff? ... >> involved in importing security certificates. ... > and Microsoft code signing are not proof that Microsoft is writing ... > past two days you have said that certs are missing, ...
    (microsoft.public.security)
  • Re: How to fix broken security in Windows 2000?
    ... mvp) post all this stuff? ... >> involved in importing security certificates. ... > and Microsoft code signing are not proof that Microsoft is writing ... > past two days you have said that certs are missing, ...
    (microsoft.public.win2000.security)
  • Re: Link table?
    ... Now it seems like you want to see all certs, ... the certificates do not appear if not asigned or has been ... be added to the tblCert if will not appear of the form as an option. ... FROM tblCert LEFT JOIN tblPersonCerts ON tblCert.fCertID = ...
    (microsoft.public.access.queries)