[OFB Cafe] SSL
Kris Deugau
kdeugau at deepnet.cx
Fri Apr 25 11:10:18 CDT 2008
Derek Broughton wrote:
> I'm no expert on certificates, but I thought it shouldn't matter. aiui, you
> purchase a certificate for a domain, and then you can use that as the
> authority for any number of certificates you want to create.
Nope, that costs *big* bucks.
See here, for instance:
http://www.geotrust.com/products/ssl_certificates/georoot.asp
I haven't looked at the bare technical requirements for chaining
certificates like that (never mind the requirements Geotrust imposes as
above), but I would guess the certificate has to be set up in a very
specific way that is very different for how an endpoint single-hostname
or wildcard cert is set up.
-kgd
--
Get your mouse off of there! You don't know where that email has been!
More information about the Cafe
mailing list