[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Slurpd over SSL



Estevam Viragh wrote:

Yes, The master and slave have both the same
certificates. I assumed it is fine given that I used
heavymetal.com as commonName, the domain name.

Each host's public cert should be issued for the FQDN of that host as subject and as the rest of the network will see it. Not for the domain. You cannot use a single certificate for more than one host (unless you're into the subjectAltName game, but that's a different story ;) Each server cert should be signed by one single CA and that CA cert made available to each host and client.


--Tonni

--
Tony Earnshaw

If my mail server refuses your
mail resend to:

billy at billy.demon.nl
http: www.billy.demon.nl