What if the second cert we took from a diff company In general the server should be able to support multiple CA certificate files right?Our web browsers does that now -isn't it -correct me please if I am wrong so in vhost.conf for scurehttps the following should be able to work -right #old one SSLCACertificateFile conf/ssl/nsm_ca.crt #new one SSLCACertificateFile conf/ssl/Commercial_CPE_Root_Cert.pem #these are left as before SSLCertificateFile conf/ssl/nsm.crt SSLCertificateKeyFile conf/ssl/nsm.key SSLCertificateChainFile conf/ssl/nsm.crt
matt farey <[EMAIL PROTECTED]> wrote: [EMAIL PROTECTED] wrote: > > Why would you need to support both SSL certificates? From what I've > seen (at least with Verisign) when you renew a certificate, it adds > the renewal period to the end of your current expiration period, but > is valid from the date you renew! As soon as you get the new > certificate, you should be able to use it. You don't need to wait for > the old one to expire to do the swap. > > good point! > Please respond to users@httpd.apache.org > > To: users@httpd.apache.org > cc: (bcc: Dan Mitton/YD/RWDOE) > Subject: Re: [EMAIL PROTECTED] Re: adding multiple > SSLCACertificateFile in vhost.conf > > > LSN: Not Relevant > User Filed as: Not a Record > > > > saibaba Duggirala wrote: > > yes, more than one SSL enabled > > servername on a single IP address, single NIC > > > > The cureent certificate is expiring in couple of months so we want to > > seamleesly support the current one until it expires along with the new > > one > > > > > as far as I am aware SSL certs cannot be combined on a single IP, you > need to either use 2 NICs or use IP aliasing to bind 2 IP addresses to a > single NIC, and then in your vhost conf you can set up the certs one > each per IP, here's a short article: > http://www-128.ibm.com/developerworks/web/library/wa-multissl.html#resources > matt > > > */matt farey /* wrote: > > > > > > > > saibaba Duggirala wrote: > > > hi, > > > can anyone please let me know what is the procedure to add > multiple > > > SSLCACertificateFile in vhost.conf in apache > > > > > > So far we have been using only one file, shown below in vhost.conf > > > SSLCACertificateFile conf/ssl/nsm_ca1.cr > > > > > > We would like to use another root certificate along with the > > above one > > > , so is it as simple as adding another line like above > > > SSLCACertificateFile conf/ssl/nsm_ca_2.cr in vhost file or is > there > > > something else that I should be doing > > > > > > > > > Thanks, > > > saibaba > > > > > > Get your own web address. > > > > > > Have a HUGE year through Yahoo! Small Business. > > > > > > > > > depends on your setup, are you trying to host more than one SSL > > enabled > > servername on a single IP address, single NIC, or what? > > > > > > -- > > Matthew Farey > > > > > > > > > --------------------------------------------------------------------- > > The official User-To-User support forum of the Apache HTTP Server > > Project. > > See for more info. > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > " from the digest: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > Sucker-punch spam > > > > > with award-winning protection. > > Try the free Yahoo! Mail Beta. > > > > > > > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server Project. > See for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] > " from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > -- Matthew Farey --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------- No need to miss a message. Get email on-the-go with Yahoo! Mail for Mobile. Get started.
