SSL Certificates and ... Providers
lathama at gmail.com
Thu Dec 27 19:54:53 UTC 2012
On Thu, Dec 27, 2012 at 2:47 PM, Blake Pfankuch <blake at pfankuch.me> wrote:
> Ok, so this might be a little off topic but I am trying to validate something a vendor is telling me and hoping some people here have expertise in this area...
> I am working with a SSL certificate provider. I am trying to purchase a quantity of wildcard SSL certificates to cover about 60 FQDN's across 4 domains. Vendor is telling me that the Wildcard certificates are licensed per physical device it is installed on. This means instead of using a single wildcard across 20 servers, I would have to buy 20 wildcard certs for 20 servers.
> This does not compute in my brain and also in my mind completely defeats the purpose of a wildcard cert as I know it. Has anyone run into this before?
Many vendors assign to a single IP address. When you send your CSR it
is for one server only. Look at some of the public/free CAs to find
some unbiased info. You could hide everything behind a
proxy/loadbalancer if you want.
~ Andrew "lathama" Latham lathama at gmail.com http://lathama.net ~
More information about the NANOG