Subject: A better approach to security
List archive
- From: Dominik George <dominik.george AT cacert.org>
- To: cacert AT lists.cacert.org
- Subject: Re: Using a cacert certificate
- Date: Mon, 20 Sep 2010 10:30:40 +0200
Hi,
and this seems to be working happily. I have now created:Yes, and the private key has to match as well.
CAcert_www.pricom.com.au.crt
(I have a number of domains on the same IP) using the same csr as before.
Can I simply replace:
/etc/httpd/conf/ssl.crt/mars-server.crt
with:
CAcert_www.pricom.com.au.crt
?
As Markus already mentioned, you won't get happy with OpenSSL and name-based virtual hosts. This is a logical situation: Remember that SSL negotiation takes place before any data is sent, so Apache won't be able to read the Host-header in order to determine the VHost to use.
--
Mit freundlichen Grüßen,
With kind regards,
Dominik George
CAcert Senior Experienced Assurer
CAcert Support Engineer
CAcert Co-Auditor
CAcert Policy Group Member
CAcert Infrastructure Admin for E-Mail
CAcert Inc. Association Member
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-
Using a cacert certificate,
Philip Rhoades, 09/18/2010
-
Re: Using a cacert certificate,
Markus Warg, 09/20/2010
-
Re: Using a cacert certificate,
Ian G, 09/20/2010
-
Re: Using a cacert certificate,
Mathias Ertl, 09/21/2010
- Re: Using a cacert certificate, Jan Dittberner, 09/21/2010
-
Re: Using a cacert certificate,
Mathias Ertl, 09/21/2010
-
Re: Using a cacert certificate,
Ian G, 09/20/2010
- Re: Using a cacert certificate, Dominik George, 09/20/2010
-
Re: Using a cacert certificate,
Markus Warg, 09/20/2010
Archive powered by MHonArc 2.6.24.