05-15-2007 08:40 AM
We have a need to terminate multiple SSL websites on our CSS. So name1.test.com
name2.test.com, name3.test.com etc. The problem I have found is that I need to burn 1 public VIP per SSL connection b/c they all need to use tcp 443 inbound and point to their respective cert on the CSS. Is there anyway to possibly generate a wildcard cert that matched only the last part of our domain name ( events.test.com = *.test.com ) and then get away with using only 1 VIP for the multiple sub domains ??
Thanks for your help.
Cheers
Dave
05-15-2007 02:26 PM
CSS can use wildcard certificate just as it uses typical server certificates.
If you are using the CSS to create the CSR, you would use a wildcard common name
- A "*" wildcard character MAY be used as the left-most name component in the certificate. For example, *.example.com would
match a.example.com, foo.example.com, etc. but would not match
example.com.
Syed
05-16-2007 05:32 AM
Thanks again, would this help me get away with using one VIP for the multiple sub domains ?
Essentially I would like to use one VIP with a wildcard cert for
a.example.com, foo.example.com, test.example.com.
Is this doable ? Its very doable using an Apache proxy server. I am just trying to port that functionality over to the CSS
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide