• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 359
  • Last Modified:

Do I need 1 or 2 SSL certificates to log in to a remote intranet site securely from a different server?

I have a website that's hosted in a data center on the East coast, and it features a login form that's used to log in to a remote intranet website that's located in a data center on the West Coast. I'd like to ensure that when when the login form is submitted, that the data is encrypted, and I'm assuming that I would just do this over SSL.

What I'd like to know is .... do I need 1 or 2 SSL certificates ? In other words -- do I need to install an SSL certifcate on both the East & West coast servers?  Or do I only need to install 1 SSL certificate on the West Coast Server (ie: the Intranet website that needs to be logged into securely) ?

Thanks in advance.

-- Yvan
0
egoselfaxis
Asked:
egoselfaxis
  • 3
  • 2
1 Solution
 
cestorCommented:
It depends on how you are doing your connectivity between the sites. assuming it is HTTP all the way, then you have one certificate for the SSL connection between client and east coast datacenter and then a second certificate on the west coast datacenter web server for the form submit.
0
 
cestorCommented:
just to clarify - the above is assuming that the details go to datacenter 1 and then it passes them on to datacenter 2. If the client is going directly to datacenter 2 on the login form submit then it only needs an ssl certificate on datacenter 2.
The 2 key things to bear in mind are that SSL is for a point to point connection and you only need 1 cert per connection
0
 
egoselfaxisAuthor Commented:
I'm not sure what you mean by "the details go to datacenter 1".  

The website that hosts the login form lives at datacenter 1, ... and they use it to log in to the website that lives at datacenter 2.  A user would never log in to the datacenter 1 website from the datacenter 2 website.  

So if I do in fact only require 1 SSL certificate (which is what I believe is what you're suggesting) .. then I assume that all I'd need to do is  update the login form's action with the HTTPS prefixed url.  Is that correct?  Please confirm.

Thanks,
- Yvan
0
 
cestorCommented:
from what you've described although the login form is hosted at datacenter 1, the site to which the POST HTTP is submitted and the subsequent secure session is at datacenter 2 so yes, you would only need a single SSL certificate for the datacenter 2 connection
0
 
egoselfaxisAuthor Commented:
Thanks!
- Yvan
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now