Hi,
Do I need to generate different
server key for different domain name ??
Thank you so much for your help
mark
Yes you do.
One certificate for each domain.
On Thu, 07 Sep 2000, you wrote:
> >%_Hi,
>
> Do I need to generate different server key for different domain name ??
>
> Thank you so much for your help
>
> mark
>
Content-Type: text/html; name="unnamed
AFAIK you can use the same server.key to sign multiple certificates.
You're correct that each domain needs it's own certificate but I don't
think the same is true for the private keys.
HTH,
Simon Wilcox.
Please respond to [EMAIL PROTECTED]
request.
Thank You
Mark
- Original Message -
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, September 08, 2000 12:52 AM
Subject: Re: server.key
>
> AFAIK you can use the same server.key to sign multiple certificates.
>
> You're correc
The key is unique to the server (i.e. the machine you have set up to serve
pages). You can generate multiple csr's to get multiple certificates from a
single server key (btw, you don't have to name the key based on domain name,
it can be simply, "server.key" or "myleftto
(btw, you don't have to name the
> key based on domain name, it can be simply, "server.key" or
> "mylefttoe.hurts", etc). There is nothing *wrong* with creating multiple
> server keys, but it isn't necessary to accomplish csr generation.
I disagree...
Technica
Yes it's true.
Create a server key for each domain hosted.
>
> I disagree...
>
>
> Technically it will work, but if someone gets that _one_ key, they can
> impersonalte ALL of your secure sites. I don't think that is a very good
> idea. It is not that hard to create a key for each certifica
Original Message-
> From: Giuliano Cocchi [mailto:[EMAIL PROTECTED]]
> Sent: Friday, September 08, 2000 2:21 AM
> To: [EMAIL PROTECTED]
> Subject: RE: server.key
>
>
> Yes it's true.
> Create a server key for each domain hosted.
>
>
> >
> > I
Behalf Of Adrian Stovall
> Sent: Friday, September 08, 2000 11:25 AM
> To: '[EMAIL PROTECTED]'
> Subject: RE: server.key
>
>
> I will agree that this is true, however...the odds of someone getting (by
> hacking your system?) _one_ key is probably about the same as the
42.pcx)
Fax to
(Embedded image moved to file: pic19187.pcx)
SubjectRE: server.key
(Embedded image moved to file: pic25532.pcx)
I will agree that this is true, however...the odds of someone getting (by
hacking your system?) _o
On Fri, Sep 08, 2000 at 11:52:12AM -0400, Kirk Benson wrote:
> Another thing to note here. A single Apache instance will use the same
> passphrase value for all keys;
No, that's not quite true (except any buggy versions) - what it does is
to try any previously typed passphrases on each certific
contained in.
This was done with the SSLCertificateKeyFile /etc/httpd/ssl.key/server.key
commented out
If I use that, I get a clean startup, but when I use the genuine certificate
where the key is supposed to be included it doesn't work either.
My question mainly is, can I extract a serve
I think my server.key file was overwritten while I had an outstanding
certificate request. I subsequently received my certificate, but now
I don't have a matching server.key file to go with it and Apache/SSL
won't start without it. Is it possible to generate the server.key
file aga
>>> <[EMAIL PROTECTED]> 09/30/99 05:14AM >>>
>My question mainly is, can I extract a server key from the
certificate?
Nope. Only the public key is contained in the certificate, not the
private key. If your private key is lost/corrupted, you need to
generate a new public/private key pair and the
- Original Message -
From: "Brett Goldstock" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, January 03, 2000 7:06 PM
Subject: I think I lost my server.key...
> I think my server.key file was overwritten while I had an outstanding
> certifi
digital certificate in APACHE with MOD_SSL, the two files
server.crt and server.key must be at hand. But now I can not extract the
file server.key containing private key from keystore. Can you throw a
light on how your product support keytool?
Any response will be appreciated.
Thanks with Best
16 matches
Mail list logo