That's true if each of his servers will have the same common name (CN). But if one server resides for example on imap.foobar.com and the other at smtp.foobar.com, he has to use different certificate.
Mozilla/Netscape browsers are quite picky if it comes to wrong CN attributes.
BTW Dave - If you did install Apache together with mod_ssl the mod_ssl manual could be found at:
-> http://localhost/manual/ssl/
Louis LeBlanc schrieb:
On 12/19/04 12:45 PM, dave sat at the `puter and typed:
Hello, I've got a 5.3 box that i'm using as a self-signing ca. I want to get keys going for all the various protocols i use, http, which i've done, pop and imap, and smtp. It's these last three i'm having the headache. I'm using postfix as my MTA and courier imap for pop/imap, i know that the latter has a program to generate keys but not csr's, i'm not sure how to get keys from courier and/or postfix to the ca for signing. I'm probably missing somehing very basic, and would appreciate any help. Thanks. Dave.
Why would you want to use multiple methods? Just create a single self signed CA from OpenSSL and use it to sign a single cert for all your servers. You could also just use a self signed cert for all of them.
Check out this info: http://www.openssl.org/docs/apps/x509v3_config.html#Subject_Alternative_Name_
That will tell you about using a single cert for multiple domains if that is what you need.
Hope this helps.
Lou
-- Mit freundlichen Gruessen / With kind regards
Daniel S. Haischt | phone: +49 -7032-992909
Grabenstrasse 11 | +49 -700-DHAISCHT
| fax: +49 -7032-992910
D-71083 Herrenberg | fax2mail: +49 -7032-7999738
GERMANY | cell: +49 -172-7668936SIP: sip:[EMAIL PROTECTED]:5060 email: [EMAIL PROTECTED] web: http://www.daniel.stefan.haischt.name/ _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
