[CentOS] Self-signed certificates
Thomas E Dukes
edukes at alltel.net
Mon Jan 23 23:37:52 UTC 2006
> -----Original Message-----
> From: centos-bounces at centos.org
> [mailto:centos-bounces at centos.org] On Behalf Of Jim Perrin
> Sent: Monday, January 23, 2006 6:17 PM
> To: CentOS mailing list
> Subject: Re: [CentOS] Self-signed certificates
>
> > Hmmm. I'll give that a try. Not really interested in the
> error about
> > being 'self-signed' (issuing authority) but just want the
> name to be
> > right and the security to be there.
> >
> > Will try and let you know.
>
> http://httpd.apache.org/docs/2.0/vhosts/name-based.html
>
> Note the line near the top that says "Name-based virtual
> hosting cannot be used with SSL secure servers because of the
> nature of the SSL protocol." And also
> http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#vhosts
>
> The first just says you can't. the second provides a more
> detailed reason. The way I gave you is really the only way to
> accomplish what you're doing with mod_ssl etc.
I have seen that but it is possible to have a secure connection using named
based virtual hosts. Been doing it for a while, visit
https://mail.palmettodomains.com, just trying to get the name on the
certificate to match. I was just tring to get a separate certificate for
other sub-domains using different/correlating naming, but it looks like the
certificates have to be named 'server'.key or .crt.
More information about the CentOS
mailing list