[CentOS] Self-signed certificates
Thomas E Dukes
edukes at alltel.net
Tue Jan 24 00:56:23 UTC 2006
> -----Original Message-----
> From: centos-bounces at centos.org
> [mailto:centos-bounces at centos.org] On Behalf Of Jeff Lasman
> Sent: Monday, January 23, 2006 7:31 PM
> To: CentOS mailing list
> Subject: Re: [CentOS] Self-signed certificates
>
> On Monday 23 January 2006 03:37 pm, Thomas E Dukes wrote:
>
> > I have seen that but it is possible to have a secure
> connection using
> > named based virtual hosts. Been doing it for a while, visit
> > https://mail.palmettodomains.com, just trying to get the
> name on the
> > certificate to match. I was just tring to get a separate
> certificate
> > for other sub-domains using different/correlating naming,
> but it looks
> > like the certificates have to be named 'server'.key or .crt.
>
> I'm not sure of your point, Thomas.
>
> When I visit your site: https://mail.palmettodomains.com
>
> I get a secure site for secure.palmettodomains.com.
>
> Which is what I'd expect with name-based hosting, and which
> is what the original poster said he's trying to avoid.
>
> There is one way to get name-based hosting to work with
> individual certificates and not get name mismatch errors, and
> that's to set up the secure site on a different port. And I
> don't recommend that if anyone is ever going to have to type
> the URL into a browser; people just get confused. My
> recommendation is to only do that if the connection is only by link.
>
Maybe that's what I need to do as these are not really 'public' sites and
are only used for my purposes (mail). How would you declare port(s) 444,
445, 446, etc., as a secure/SSL site?
Thanks!!
More information about the CentOS
mailing list