i about to buy a signed cert for the first time to use on a web server. there seems to be a few possibilities so i'd like to ask about them.
i have two hosts for redundancy. each has apache/modssl and two vhosts: one for http and the other for https. i want users to be able to reach the https vhosts via multiple host names, thus: host one is configured with servername=www1.domain.com with two aliases: domain.com and www.domain.com. host two has servername=www2.domain.com with the same two aliases as host one. i only use ssl for encryption of passwords; server auth is not very important and there's no money in the transactions. my goal is to eliminate all web browser cert/security warnings while keeping passwords private. so i figured i'd buy one "Go Daddy Standard SSL Multiple Domain (UCC)" cert and install it on both hosts. the cert has all four host names in it (domain.com, www.domain.com, www1.domain.com, and www2.domain.com). i'd be really grateful if y'all could point out any flaws in my understanding and approach to cofiguration. tom ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
