[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Multiple TLS keys or single key?

Look for SubjectAltName in


WRT to SSL keys cn fields.

Maarten Thibaut wrote:

As the cn: part of an SSL key needs to contain the fully qualified domain
name of the host, what about machines with >1 hostname?

Should I use several keys on the same slapd server? Or should I create a
key with >1 hostname in its cn list (I've heard that this is possible, but
cannot find any documentation on this subject).

If it _is_ possible to have > 1 host per key, how can it be done?

If we should use > 1 key per host, how should they be configured in
slapd.conf? Should each of the keys be specified as a
TLSCertificateKeyFile in slapd.conf?

Thanks for any help with this!