[TriLUG] Apache SSL Questions/Help
mpeters at plusthree.com
Mon Oct 27 14:00:10 EDT 2008
Steve Kuekes wrote:
> 1. Can I get certificates for free from somewhere or do I have to buy one from someone, like
> godaddy or verisign?
You can just make your own, get them from a free source or buy them. Although browsers will give
users a warning message for anything except certs that you buy from a trusted authority.
> 2. Can I have multiple certificates on the server for different virtual hosts?
Yes as long as they all have different IP addresses. SSL is an IP based protocol and doesn't work
with named virtual hosts.
> 3. If I can't is there a setup that will allow me to share the certificate somehow?
You can use invalid certs, but your users will always get a warning
> 4. I might have to use this with a tomcat server using proxypass, can I do this too?
Yes. The SSL layer is between the browser and the server on the front lines. If it then proxies, the
proxied request is without the SSL security so make sure it's on a secured network. That is unless
you have another SSL cert/layer between the proxy and the tomcat server.
Plus Three, LP
More information about the TriLUG