[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Multi-homed machine and TLS

whether you paid for certs or not is irrelevant - the process is the
same. You create _one_ CA (using openssl if you wish) which you use to
sign cert requests for each server. the client then needs _one_ copy of
the CA certificate to verify each of the server certs.

I dont mean to be rude but this is fundamental stuff. I admit it can be
a bit confusing when starting out but you should make sure you
understand this stuff or take it to a relevant mailing list.


On Wed, 2004-09-15 at 19:19, Tay, Gary wrote:
> Again, if I am not wrong, let me clarify:
> The two certs in my cacert.pem at my LDAP clients are neither Server
> cert or CA certs, they are "Server Certs Self-Signed by a CA Cert
> generated at the server". The file name happened to be named
> "cacert.pem", one can call it anything.
> I did not send any server cert to valid CA and paid for the signing
> service. Most testing systems use self signed certs.

Greg Matthews
iTSS Wallingford	01491 692445