[389-users] duplicate existing ssl crenentials on another server ?

Gerrard Geldenhuis Gerrard.Geldenhuis at betfair.com
Tue Nov 9 16:19:01 UTC 2010


>________________________________________
>From: 389-users-bounces at lists.fedoraproject.org [389-users-bounces at lists.fedoraproject.org] on behalf of Daniel Maher [dma+389users at witbe.net]
>Sent: 09 November 2010 16:06
>To: 389-users at lists.fedoraproject.org
>Subject: Re: [389-users] duplicate existing ssl crenentials on another server ?
>
>On 11/09/2010 04:27 PM, Gerrard Geldenhuis wrote:
>
>> There is another document on the wiki which describes how to setup certificates for a vip.... that is similar to what you want to do. I can't find it at the moment but might be worth >trolling through the wiki again.
>
>Actually, the SSL howto has a section on VIPs (the only hit on a search,
>in fact) :
>http://directory.fedoraproject.org/wiki/Howto:SSL#Using_Subject_Alt_Name
>
>I gave it a second read-through, and it would seem to indicate that alt
>names can be IPs as well as hostnames (i thought it was only the latter
>that was possible).
>
>It would therefore appear to be possible to create a certificate that
>with a series of alt names - in my scenario, there would literally be
>one hostname and two IP addresses.
>
>Has anybody on the list done something similar ?  Any advice ?  Should
>this just work outright ?
>
>(p.s. Angel Bosch Mora - turns out you may have been right the first
>time ! :) ).

I have not done it before... good luck and may the force be with you. :-)

In all seriousness I don't know, if you get it working then steps and pointers back to the list would be great.

Regards

________________________________________________________________________
In order to protect our email recipients, Betfair Group use SkyScan from 
MessageLabs to scan all Incoming and Outgoing mail for viruses.

________________________________________________________________________



More information about the 389-users mailing list