Why would you need to support both SSL certificates? From what I've seen (at least with Verisign) when you renew a certificate, it adds the renewal period to the end of your current expiration period, but is valid from the date you renew! As soon as you get the new certificate, you should be able to use it. You don't need to wait for the old one to expire to do the swap.
Please respond to users@httpd.apache.org To: users@httpd.apache.org cc: (bcc: Dan Mitton/YD/RWDOE) Subject: Re: [EMAIL PROTECTED] Re: adding multiple SSLCACertificateFile in vhost.conf LSN: Not Relevant User Filed as: Not a Record saibaba Duggirala wrote: > yes, more than one SSL enabled > servername on a single IP address, single NIC > > The cureent certificate is expiring in couple of months so we want to > seamleesly support the current one until it expires along with the new > one > > as far as I am aware SSL certs cannot be combined on a single IP, you need to either use 2 NICs or use IP aliasing to bind 2 IP addresses to a single NIC, and then in your vhost conf you can set up the certs one each per IP, here's a short article: http://www-128.ibm.com/developerworks/web/library/wa-multissl.html#resources matt > */matt farey <[EMAIL PROTECTED]>/* wrote: > > > > saibaba Duggirala wrote: > > hi, > > can anyone please let me know what is the procedure to add multiple > > SSLCACertificateFile in vhost.conf in apache > > > > So far we have been using only one file, shown below in vhost.conf > > SSLCACertificateFile conf/ssl/nsm_ca1.cr > > > > We would like to use another root certificate along with the > above one > > , so is it as simple as adding another line like above > > SSLCACertificateFile conf/ssl/nsm_ca_2.cr in vhost file or is there > > something else that I should be doing > > > > > > Thanks, > > saibaba > > > > Get your own web address. > > > > Have a HUGE year through Yahoo! Small Business. > > > > > depends on your setup, are you trying to host more than one SSL > enabled > servername on a single IP address, single NIC, or what? > > > -- > Matthew Farey > > > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server > Project. > See for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] > " from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > Sucker-punch spam > < http://us.rd.yahoo.com/evt=49981/*http://advision.webevents.yahoo.com/mailbeta/features_spam.html > > with award-winning protection. > Try the free Yahoo! Mail Beta. > < http://us.rd.yahoo.com/evt=49981/*http://advision.webevents.yahoo.com/mailbeta/features_spam.html > --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
