Solved

how to create ssl certifications on linux host

Posted on 2014-04-16
5
477 Views
Last Modified: 2014-04-28
Hello,

I got below request from one of the user,

Please issue a UC Cert for below hosts. Please provide PRIVATE KEY as well.

Hosts:
1)esg-qa
2)esg-uat
3)esg-lt
4)esg-stage

Duration: 3 Years, Algorithm: SHA-2


Can someone please guide me to walkthrough step by step in creating the ssl certs on above host ?
0
Comment
Question by:sudhirgoogle
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 1

Author Comment

by:sudhirgoogle
ID: 40005884
what is the difference between SSL Cert for each host - or-  it be one UC cert ?
0
 
LVL 9

Assisted Solution

by:rfportilla
rfportilla earned 500 total points
ID: 40005906
An SSL Cert for each requires a unique IP address for each.  That's why UC certs were created.  You can have one UC Cert with one IP address and multiple domains.  

You have to make sure that all of the browsers that consume these sites will support them (requires TLS 3).

Do you need to create the cert or purchase?  Godaddy sells them.
0
 
LVL 9

Expert Comment

by:rfportilla
ID: 40005913
This is documentation on using them with Apache:

https://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI
0
 
LVL 1

Author Comment

by:sudhirgoogle
ID: 40007003
Thanks for you comments. I don't have to purchase, i need to create host based certs. instead of IP can i create based on hostnames?
0
 
LVL 9

Accepted Solution

by:
rfportilla earned 500 total points
ID: 40007643
The answer is yes.  Technically, they are all host based. The older certs were based on a mechanism that required ip negotiation before the hostname was passed to the server.  Therefore, the server had to know that only one host could exist for that ip address.  The newer certs address this problem.  They are commonly called SNI certs.

Honestly, if I were to provide the steps for creating an SNI cert, I would just Google it and post the link.   I don't know how to create them off the top of my head.  I will let you Google it and if you have trouble finding directions, let me know.

Hope this helps.
0

Featured Post

The Orion Papers

Are you interested in becoming an AWS Certified Solutions Architect?

Discover a new interactive way of training for the exam.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Many companies are looking to get out of the datacenter business and to services like Microsoft Azure to provide Infrastructure as a Service (IaaS) solutions for legacy client server workloads, rather than continuing to make capital investments in h…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question