Is there any way to run more than one certificate on the secure server? For example, have a virtual domain get their own certificate to run on the server. Also, is there a 1.3.x version of rhsws coming in the future, or can we simply go get Apache-SSL 1.3.x and use that under the license we have from the Redhat version? -Scott -- Scott Lampert | Home Page: http://www.heavymetal.org <fortunato@heavymetal.org> | PGP Key: finger fortunato@heavymetal.org "Singe the Hare Hare, +----------------------------------------- dance the Hoochie Koo!"
Scott I had the same question as your first one. This is the ancer that RedHat gave me. You will need to use the directives: SSLCertificateFile filename SSLCertificateKeyFile filename You should be able to use these inside your <VirtualHost> directives to use a different key for each. mike Date forwarded: 24 Nov 1998 16:04:38 -0000 Date sent: Tue, 24 Nov 1998 11:04:36 -0500 From: Scott Lampert <fortunato@heavymetal.org> To: redhat-secure-server@redhat.com Subject: Two Questions Forwarded by: redhat-secure-server@redhat.com Send reply to: redhat-secure-server@redhat.com> Is there any way to run more than one certificate on the secure server? > For example, have a virtual domain get their own certificate to run on the > server. > > Also, is there a 1.3.x version of rhsws coming in the future, or can we > simply go get Apache-SSL 1.3.x and use that under the license we have from the > Redhat version? > -Scott > > -- > Scott Lampert | Home Page: http://www.heavymetal.org > <fortunato@heavymetal.org> | PGP Key: finger fortunato@heavymetal.org > "Singe the Hare Hare, +----------------------------------------- > dance the Hoochie Koo!" > > > -- > PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES! > http://www.redhat.com http://archive.redhat.com > To unsubscribe: mail redhat-secure-server-request@redhat.com with > "unsubscribe" as the Subject. >______________________________________________________________ Michael Steinhart OPCenter mike@opcenter.net PMH Network Services, Inc. http://www.opcenter.net 284 Ackerman Ave Emerson, NJ 07630 (201)599-2022 fax (201)599-2099
On Tue, 24 Nov 1998, Scott Lampert wrote:> Is there any way to run more than one certificate on the secure > server? For example, have a virtual domain get their own certificate > to run on the server.Yes. But virtual domains will have to have separate IP addresses, you can''t run a virtual domain on the same IP address as the main server. This is a limitation of SSL.> Also, is there a 1.3.x version of rhsws coming in the future, or > can we simply go get Apache-SSL 1.3.x and use that under the license > we have from the Redhat version?You are not licensed to use Apache-SSL if you get the Red Hat Secure Web Server. This is per our agreement with RSA Data Security, Inc., who holds the patent licenses on the encryption technology. --- -Preston Brown Red Hat Software, Inc. pbrown@redhat.com
On Tue, Nov 24, 1998 at 03:33:40PM -0500, Preston Brown wrote:> Yes. But virtual domains will have to have separate IP addresses, you > can''t run a virtual domain on the same IP address as the main server. > This is a limitation of SSL.You have to use separate IP addresses? I am only using one IP, and multiple certificates.. it seems to work fine, I just added this line to my virtual host config: Port 444 To bind it to another port. Is this bad? It seems to work fine, I get a lock, and no complaints from my browser. Maybe I am talking about something else.. and I didn''t read carefully enough, but I have about 50 sites on this machine, many using different certs. -- ----------------------------------------------------------------------------- Jon C. -- System Administrator jon@lightstream.net LightStream Internet, Incorporated ** http://www.lightstream.net (440)/269-2352 -----------------------------------------------------------------------------
On Tue, 24 Nov 1998, Jon C wrote:> On Tue, Nov 24, 1998 at 03:33:40PM -0500, Preston Brown wrote: > > > Yes. But virtual domains will have to have separate IP addresses, you > > can''t run a virtual domain on the same IP address as the main server. > > This is a limitation of SSL. > > You have to use separate IP addresses? I am only using one IP, and multiple > certificates.. it seems to work fine, I just added this line to my virtual > host config: > > Port 444 > > To bind it to another port. Is this bad? It seems to work fine, I > get a lock, and no complaints from my browser.But if you check out the certificate information, I assure you, it will be the same one as on the default SSL port. Hit the lock button in netscape and check it out. I''d be quite surprised if this wasn''t the case. If I''m right, don''t let your customers know. :) --- -Preston Brown Red Hat Software, Inc. pbrown@redhat.com