Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Steps for implementation of SSL for one domain but on many load balanced servers

Posted on 2004-04-24
3
Medium Priority
?
264 Views
Last Modified: 2010-04-11
I have one website which is load balanced on more than one server. I was told that I only need to pay for one certificate because I have one hostname (or domain) and then I can install them on all other servers.
My questions are:
1- What do I give the CA (Verisign, thawte, etc) so they can sign it and give it back to me
2- How do I install it on all servers
3- What do I need to backup for future installations?
Thanks
0
Comment
Question by:kalmen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 23

Accepted Solution

by:
Tim Holman earned 2000 total points
ID: 10917250
1)  You need to generate a private key and CSR (certificate signing request).  You send this to the CA, then they will send you back the SLL certificate.  

2)  Do you use IIS or Apache ?  With IIS you import an SSL certificate with the Key Manager utility, with Apache, you just dump it into one of the files - http://www.freessl.com/resources/install/freessl/apache_2x.htm

3)  Backup your private key, and the certificate itself.

What load balancers do you use ?  Can you use them to offload SSL ?  Running SSL directly on web servers will slow them down considerably.
0
 
LVL 1

Author Comment

by:kalmen
ID: 10917370
I see, thanks.

So I need to keep the private key and public key as backup? And I can add them to any server that hosts the same domain/hostname.

The load balancers I used have an SSL accelerator installed, so that reduces a lot of load from my servers.

0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 10917449
You should be able to install the SSL cert on just the SSL accelerators themselves, then have the web servers serve up HTTP content which in turn is encrypted by your SSL acceleration device.
In terms of backup, private key AND certificate are required (and a copy of the password !).
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

With the rising number of cyber attacks in recent years, keeping your personal data safe has become more important than ever. The tips outlined in this article will help you keep your identitfy safe.
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question