Not all browsers accept *.domain certs, so be careful.

The problem with different certs is that SSL hands out the cert as soon as the connection is established, before the sender tells you anything. TLS has an option to have the client tell the server what it's trying to connect to so that the server can hand back the proper cert, but this has almost no support currently and is the part of the TLS spec that isn't compatible with SSL.

David Lang

On Wed, 25 Sep 2002, twk wrote:

> Date: Wed, 25 Sep 2002 09:45:50 -0400
> From: twk <[EMAIL PROTECTED]>
> Cc: [EMAIL PROTECTED]
> Subject: Re: multiple ssl certificates (for one service)
>
> Samuel Hug wrote:
>
> > Hi,
> >
> > is there a possibility to use more than one server certificate? The
> > problem is that the mailserver has multiple domain names. The domain
> > names don't specify different services as pop or imap, therefore
> > tls_pop3.... and tls_imap... wouldn't help me.
> >
> > Anybody got a hint?
>
> Thawte has wild card certificates...so you can get a cert for *.moritzi.ch and
> the cert is recognized for all servers whose domain name ends in ".moritzi.ch".
>
> If the domains are completely different, I don't know what you can do.
>
> Cheers,
> Tom
>
> --
> Tom Karches                email : [EMAIL PROTECTED]
> Web Systems Administrator  phone : 919.515.5508
> NCSU Information Technology