Re: [389-users] duplicate existing ssl crenentials on another server ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 11/09/2010 08:06 AM, Daniel Maher wrote:
> On 11/09/2010 04:27 PM, Gerrard Geldenhuis wrote:
>
>    
>> There is another document on the wiki which describes how to setup certificates for a vip.... that is similar to what you want to do. I can't find it at the moment but might be worth trolling through the wiki again.
>>      
> Actually, the SSL howto has a section on VIPs (the only hit on a search,
> in fact) :
> http://directory.fedoraproject.org/wiki/Howto:SSL#Using_Subject_Alt_Name
>
> I gave it a second read-through, and it would seem to indicate that alt
> names can be IPs as well as hostnames (i thought it was only the latter
> that was possible).
>
> It would therefore appear to be possible to create a certificate that
> with a series of alt names - in my scenario, there would literally be
> one hostname and two IP addresses.
>
> Has anybody on the list done something similar ?  Any advice ?  Should
> this just work outright ?
>    
If you are using the same exact hostname for the second system, you 
could just use the same certificate as the first system (or copy your 
entire cert db).  You then just need to enable SSL in "cn=config" on the 
second system.
> (p.s. Angel Bosch Mora - turns out you may have been right the first
> time ! :) ).
>
>
>    

--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users


[Index of Archives]     [Fedora Directory Users]     [Fedora Directory Devel]     [Fedora Announce]     [Fedora Legacy Announce]     [Kernel]     [Fedora Legacy]     [Share Photos]     [Fedora Desktop]     [PAM]     [Red Hat Watch]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite News]

  Powered by Linux