Re: [users@httpd] ssl cert for multiple server

[Aaron Morris <aa...@mindspring.com>]

Robert Andersson wrote:
> patrick kuah wrote:
> 
>>I have two web servers load balance each other, can i use the same ssl
>>Cert on both server ? because I'm only load balancing one url only.
>>Is there any issue between the client and server for ssl session if i'm
>>using the same cert for load balancing ???  My load balancing is using
>>round robin manner.
> 
> 
> I'm no expert on either SSL nor load balancing, but I can image the
> combination to be tricky. Otherwise, HTTP is a sessionless protocol, so one
> request can go to one server, and the next to another. But, with SSL all
> communication, after the SSL session is setup, must be to the same server.


Load balancing HTTPS requests can be tricky if:
A) You are using different certificates for each web server
or
B) You are using SSL session IDs for session management


About using one certificate on multiple web servers:  IANAL, but the 
language is usually a little confusing on this.  I can tell you that the 
CA will want you to buy a certificate for each server.  If you have to, 
I would buy the number of certificates you need and use the same 
certificate on each server.



-- 
Aaron W Morris <aa...@mindspring.com> (decep)




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org