Considering the following server config for a group based in Europe:
2 load balanced web servers
2 DB servers (1 live 1 backup)
2 File servers (1 live 1 backup)
Where all machines are hosted at the same ISP and will be accessed via the internet. Some portions of the website will be free and others member only; (e.g., registration/login and web forms for users to input various data). Data won't be financial but will be considered sensitive.
1. What is the best certificate config here? Assuming the top level domain name is www.group.org
, would I have a FQDN like secure.group.org? In other words, users would access the site at http://www.group.org
but as soon as they wanted to do any member specific stuff, (login or register, input data) should they be redirected to https://secure.group.org?
2. Do I need certificates for all machines?
Is what I mentioned above atypical for a .org TLD?