[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SSL cert per virtual host.
On Tue, 19 Mar 2002 20:31:45 -0700, Ben Goren wrote:
>On Tue, Mar 19, 2002 at 09:18:10PM -0600, Rick Francis wrote:
>> can two servers have the same cert, if not bound to an
>> interface, but to a fqdn...where both servers are behind a load
>> balancer (e.g, arrowpoint)?
>As Shawn Wilton said lo these several hours ago, no.
It can be done but it is more complex than most people would consider
There is more than just the certificate to consider. Suppose that a
client browser negotiated a session key with one machine behind a load
balancer and the next request from that client was handled by another
server with no knowlege of the session key.
This sort of thing is done by IBM commerce sites where the software is
designed to handle the situation. Session tracking and shared keys are
all possibilities if you have total control.
It would be way OT to continue detailing methods here. Suffice to say
that if you have to ask then you aren't ready to go further. You need
to understand https a lot more.
In the beginning was The Word
and The Word was Content-type: text/plain
The Word of Rod.