-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> -----Original Message-----
> From: Bernd Eckenfels [mailto:[EMAIL PROTECTED]]
> Sent: Monday, May 15, 2000 10:46 PM
>
> On Mon, May 15, 2000 at 05:43:26PM -0500, Frank Knobbe at Home
> wrote:
> > Yes, SSL will still work. I have several servers behind a
> > firewall doing NAT and SSL comes through fine. When you issue a
> > certificate request on the server, use the internal address on
> > that NIC.
>
> SSL Certificates are not bound to IP-Addresses. It is the host name
> (actually it is the DNS Domain name) wich matters, therefore it is
> no problem doing nat or load balancing.
The certificate is issued to a domain, you are correct. However, what
to you think the FQDN resolves to? An IP address... Also, on the
server you typically install a certificate to a certain IP address if
you have more than one sites/IP addresses on the server.
In regards to load balancing, you can request certs for *.domain.com,
and each www, www2, etc will use the same cert. However, we are
drifting of topic since Harry's question was about NAT (and that
usually involves IP addresses ;)
Regards,
Frank
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.1
Comment: PGP or S/MIME (X.509) encrypted email preferred.
iQA/AwUBOSQ5D0RKym0LjhFcEQIGOACfcRxRqdQyXpyc/CNFLhLErwr89U0AoOXu
trsm15Le7dq4zZLoKUQxkNbd
=sJlk
-----END PGP SIGNATURE-----
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
