nanog mailing list archives

Re: SSL Certificates and ... Providers

From: Andrew Latham <lathama () gmail com>
Date: Thu, 27 Dec 2012 14:54:53 -0500

On Thu, Dec 27, 2012 at 2:47 PM, Blake Pfankuch <blake () pfankuch me> wrote:

Ok, so this might be a little off topic but I am trying to validate something a vendor is telling me and hoping some 
people here have expertise in this area...

I am working with a SSL certificate provider.  I am trying to purchase a quantity of wildcard SSL certificates to 
cover about 60 FQDN's across 4 domains.  Vendor is telling me that the Wildcard certificates are licensed per 
physical device it is installed on.  This means instead of using a single wildcard across 20 servers, I would have to 
buy 20 wildcard certs for 20 servers.

This does not compute in my brain and also in my mind completely defeats the purpose of a wildcard cert as I know it. 
 Has anyone run into this before?

Thanks
Blake


Blake

Many vendors assign to a single IP address.  When you send your CSR it
is for one server only. Look at some of the public/free CAs to find
some unbiased info.  You could hide everything behind a
proxy/loadbalancer if you want.


-- 
~ Andrew "lathama" Latham lathama () gmail com http://lathama.net ~

Current thread:

SSL Certificates and ... Providers Blake Pfankuch (Dec 27)
- Re: SSL Certificates and ... Providers Peter Kristolaitis (Dec 27)
- Re: SSL Certificates and ... Providers John Adams (Dec 27)
- Re: SSL Certificates and ... Providers Andrew Latham (Dec 27)
- Re: SSL Certificates and ... Providers Larry LaBas (Dec 27)
- Re: SSL Certificates and ... Providers William Herrin (Dec 27)
- RE: SSL Certificates and ... Providers Blake Pfankuch (Dec 27)
  - Re: SSL Certificates and ... Providers Christopher Morrow (Dec 27)
    - Re: SSL Certificates and ... Providers Grant Ridder (Dec 27)
- Re: SSL Certificates and ... Providers Ken A (Dec 27)
- Re: SSL Certificates and ... Providers Jimmy Hess (Dec 27)