Koozali.org: home of the SME Server

Legacy Forums => Experienced User Forum => Topic started by: Ruusvuu on April 03, 2002, 05:10:17 AM

Title: Secure Certificates
Post by: Ruusvuu on April 03, 2002, 05:10:17 AM

I anticipate the need for several separate, unique secure certificates to be installed on my SME 5.1.2

Any suggestions or advice welcome.

Many thanks,

Ruusvuu

Title: Re: Secure Certificates
Post by: Dan Brown on April 03, 2002, 06:04:49 AM

Do you mean for multiple domains for secure web access?  Don't believe it's possible, due to the way SSL works.

Title: Re: Secure Certificates
Post by: Guck Puppy on April 25, 2003, 02:24:02 AM

Indeed, here is the reasoning :

"A few things to keep in mind: You can have multiple virtual hosts on the same server. You can have numerous name-based virtual hosts on the same IP address. You can also have numerous name-based virtual hosts and one (1) secure virtual host on the same IP. But - you cannot have multiple secure virtual hosts on the same IP.

The question that so many ask: Why? The answer is: SSL works below the application layer. Name based hosts are not defined until the application layer."

(from http://en.tldp.org/HOWTO/SSL-RedHat-HOWTO-4.html)

Title: Re: Secure Certificates
Post by: Charlie Brady on April 25, 2003, 08:29:08 AM

Ruusvuu wrote:

> I anticipate the need for several separate, unique secure
> certificates to be installed on my SME 5.1.2

For starters, unless you can find someone producing timely security updates for 5.1.2, you shouldn't be using 5.1.2. Mitel no longer maintains updates for 5.1.2 and earlier versions, and some security flaws have been discovered in software versions used in 5.1.2.

As to your question, you need different IP addresses or different port numbers to support multiple certificates.

Regards

Charlie