• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 492
  • Last Modified:

how to create ssl certifications on linux host

Hello,

I got below request from one of the user,

Please issue a UC Cert for below hosts. Please provide PRIVATE KEY as well.

Hosts:
1)esg-qa
2)esg-uat
3)esg-lt
4)esg-stage

Duration: 3 Years, Algorithm: SHA-2


Can someone please guide me to walkthrough step by step in creating the ssl certs on above host ?
0
sudhirgoogle
Asked:
sudhirgoogle
  • 3
  • 2
2 Solutions
 
sudhirgoogleAuthor Commented:
what is the difference between SSL Cert for each host - or-  it be one UC cert ?
0
 
rfportillaCommented:
An SSL Cert for each requires a unique IP address for each.  That's why UC certs were created.  You can have one UC Cert with one IP address and multiple domains.  

You have to make sure that all of the browsers that consume these sites will support them (requires TLS 3).

Do you need to create the cert or purchase?  Godaddy sells them.
0
 
rfportillaCommented:
This is documentation on using them with Apache:

https://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI
0
 
sudhirgoogleAuthor Commented:
Thanks for you comments. I don't have to purchase, i need to create host based certs. instead of IP can i create based on hostnames?
0
 
rfportillaCommented:
The answer is yes.  Technically, they are all host based. The older certs were based on a mechanism that required ip negotiation before the hostname was passed to the server.  Therefore, the server had to know that only one host could exist for that ip address.  The newer certs address this problem.  They are commonly called SNI certs.

Honestly, if I were to provide the steps for creating an SNI cert, I would just Google it and post the link.   I don't know how to create them off the top of my head.  I will let you Google it and if you have trouble finding directions, let me know.

Hope this helps.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now