We are looking to purchase a bulk number of SSL certificates for a variety of sites. As we were discussing this with our current SSL certificate provider, we ran into something which sounds a little odd, and wonder if others have run into this with their bulk SSL certificate purchases. When the individual SSL certificate is purchased, we need to specify how many "hosts" are involved. Simple when dealing with standard apache sites. Add a load balancer in front of things, and this is where we find things a little odd as we would end up paying for a cert for each of the back end servers -- even if the SSL cert is only on the front end load balancer. Example 1: If there is a load balance with three hosts behind it. The load balancer is the only one with an SSL cert, we need to specify 3 hosts when we buy the cert and end up paying 3 times a single cert cost. Say the cert costs $100. We would end up paying $300 for the SSL cert for the load balancer because there are 3 servers serving the site as $100 a pop. Example 2: Say we have 3 sites on the same domain (prod.domain.com, test.domain.com, dev.domain.com) and all three happen to run through the load balancer/proxy with prod having 2 back end servers and test & dev each having 1 server (which might simply be different apache virtual host on the same physical host), we would either need: Prod: 2 hosts (load balanced) Test: 1 host (proxy only) Dev : 1 host (proxy only) The cost of four SSL certs would be needed (4 x $100 = $400). Should we have chosen to use a wildcard cert (*.domain.com) at $200 a cert, we still would need the cost of 4 wildcard certs ($800 total). Does this seem the standard pricing for the industry? Benji Spencer System Administrator Moody Bible Institute Phone: 312-329-2288 Fax: 312-329-8961
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
|