Multiple certs on one server
david at styleflare.com
Fri Dec 31 15:28:58 MSK 2010
I was trying to take a second look at this.
I get this error (Error code: ssl_error_rx_record_too_long)
I am just testing the solution using self-signed certs.
Here is my server-blocks.
On 12/22/10 12:18 AM, David Newman wrote:
> On 12/20/2010 05:03 PM, David J. wrote:
>> On the topic of SSL;
>> Is there any possible way to run multiple certs on one IP?
>> I dont think this is possible as per the SPEC; But I am not an expert.
> Me neither, but there's nothing wrong with this. The CN in a cert is
> bound to a string such as a hostname, not to an IP address. (The string
> could also be someone's name, or any other text, including an IP address
> -- but as a text string). SSL works above the network layer and doesn't
> care about L3 addressing.
> So, if you've got multiple virtual hosts on a single IP address, you
> have a couple of choices:
> a. Use one cert per virtual host
> b. Use one cert for all virtual hosts and chain them using the
> subjectAltName parameter in openssl.cnf. This is what I did on the
> server in the original post in this thread.
> Here's a thread from a few years ago when I was getting (b) set up:
> You can buy chained certs that do this from multiple registrars; I got
> one from GoDaddy but concur with others' description about the GD web site.
> nginx mailing list
> nginx at nginx.org
More information about the nginx