SSL certificate (was Re: accounts gnome org is now using Request Tracker)

From: "Christian Rose" <menthos gnome org>
To: "James Henstridge" <james jamesh id au>
Cc: gnome-infrastructure gnome org, gnome-sysadmin gnome org
Subject: SSL certificate (was Re: accounts gnome org is now using Request Tracker)
Date: Sun, 5 Mar 2006 12:05:41 +0100

On 10/28/05, James Henstridge <james jamesh id au> wrote:
> On 27/10/05 16:51, Ross Golder wrote:
> >Would it? Doesn't each Apache secure vhost require a different IP
> >address to bind to?
> >
> >
> You can vhost SSL sites pretty easily.  If you don't care about the
> "name doesn't match certificate" warnings the first time you go to the
> site, set up is exactly the same.
>
> Alternatively, you can use the "subject alt name" extension in the
> certificate, which will get rid of the warning for those names.  I don't
> recall how to do this with the openssl tools though.
>
> James.

Alternatively, you can use a wildcard SSL certificate that will be
valid for all websites *.gnome.org. The only restriction is that all
web sites will need to be served as virtual hosts from the same
machine (window?), where the certificate is then placed.

Has anyone looked into this? A wilcard certificate need not be
extremely expensive, for example http://www.rapidssl.com/ offers
wildcard certificates for about $200.

Christian

Follow-Ups:
- Re: SSL certificate (was Re: accounts gnome org is now using Request Tracker)
  - From: Owen Taylor

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]