[389-users] Can i use Same Certificate for all my ldap server
Petr Spacek
pspacek at redhat.com
Wed Apr 17 07:20:09 UTC 2013
On 16.4.2013 23:10, Kyle Flavin wrote:
> On Tue, Apr 16, 2013 at 2:04 PM, Rob Crittenden <rcritten at redhat.com> wrote:
>
>> expert alert wrote:
>>
>>> Hi
>>> I am planning to deploy all my ldap server by puppet.
>>> so I am wondering, Can i use Same Server Certificate and CA certificate
>>> (Directory server) for all my server ???
>>>
>>> if yes, then under which directory shall i place those certificate ??
Although it is technically possible, it is not recommended.
All servers will share the same private key, so the chance that the key will
be compromised is bigger - you need to transfer the key securely from one
server to another etc.
Could you explain your use case? I'm curious :-)
--
Petr Spacek
More information about the 389-users
mailing list