________________________________________
From: 389-users-bounces(a)lists.fedoraproject.org
[389-users-bounces(a)lists.fedoraproject.org] on behalf of Daniel Maher
[dma+389users(a)witbe.net]
Sent: 09 November 2010 16:06
To: 389-users(a)lists.fedoraproject.org
Subject: Re: [389-users] duplicate existing ssl crenentials on another server ?
On 11/09/2010 04:27 PM, Gerrard Geldenhuis wrote:
> There is another document on the wiki which describes how to setup certificates for a
vip.... that is similar to what you want to do. I can't find it at the moment but
might be worth >trolling through the wiki again.
Actually, the SSL howto has a section on VIPs (the only hit on a search,
in fact) :
http://directory.fedoraproject.org/wiki/Howto:SSL#Using_Subject_Alt_Name
I gave it a second read-through, and it would seem to indicate that alt
names can be IPs as well as hostnames (i thought it was only the latter
that was possible).
It would therefore appear to be possible to create a certificate that
with a series of alt names - in my scenario, there would literally be
one hostname and two IP addresses.
Has anybody on the list done something similar ? Any advice ? Should
this just work outright ?
(p.s. Angel Bosch Mora - turns out you may have been right the first
time ! :) ).
I have not done it before... good luck and may the force be with you. :-)
In all seriousness I don't know, if you get it working then steps and pointers back to
the list would be great.
Regards
________________________________________________________________________
In order to protect our email recipients, Betfair Group use SkyScan from
MessageLabs to scan all Incoming and Outgoing mail for viruses.
________________________________________________________________________