: Installing a wildcard SSL Cert I am in the process of putting the final touches to a rather complex multi-server setup where the server domain names are along the lines of srva.example.com,
I am in the process of putting the final touches to a rather complex multi-server setup where the server domain names are along the lines of srva.example.com, srvb.example.com etc. At present I have four servers but that number will grow. I have done a lot to keep my admin burden to a bare minimum and want to ensure that stays the case with providing SSL access to the servers. With that in mind what I want do do is this
Complete the server configuration for srva.example.com by installing a wildcard SSL cert. They seem to be reasonably cheap these days. My servers do not do any e-commerce so I do not need much by way of certificte - the one I am looking at is from an outfit called Comodo.
Get an image of srva.example.com
Replicate it as many times as necessary - now and in the future.
Question - am I liable to have any issues doing things this way? i.e. will I end up finding that I have to do individual cert installs on each server? I am something of a newbie when it comes to SSL certs so I would much appreciate any help.
More posts by @Carla537
1 Comments
Sorted by latest first Latest Oldest Best
I have scripted the install process for my wild card certificate on multiple servers. There isn't anything that I do differently for each server. Your approach should work. My scripts:
Put the certificate and signing chain in a known location (/etc/apache/ssl/)
Add the configuration to the SSL virtual host file
<VirtualHost *:443>
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM
SSLCertificateFile /etc/apache2/ssl/example.com.pm
SSLCertificateKeyFile /etc/apache2/ssl/example.com.key
SSLCertificateChainFile /etc/apache2/ssl/chain.pem
SSLCACertificateFile /etc/apache2/ssl/authority.pem
...
</VirtualHost>
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.