|
|
Thanks guys. I went with separate certificates for each server. Everything is working well so far.
-----Original Message-----
From: Oliver Koch [mailto:koch@rz.tu-clausthal.de]
Sent: Thursday, March 11, 2010 10:00 AM
To: CommuniGate Pro Discussions
Subject: Re: TLS and Certificates - Updated
Hi,
Matthew Black wrote:
> Wildcard certificates are NOT the way to go for large enterprises. They
> present a whole set of security problems because some sites offer dozens
> of services, each with its own certificate. Our university operates
> hundreds of servers. If a wildcard certificate gets compromised, EVERY
> service loses its security.
>
> Why can't CommuniGate figure out how to configure multiple certificates,
> say one for each service (IMAP, POP, WebUser) and a different set for
> each domain? Apache has been doing this for a very long time.
we use a SSL certificate which contains a main common name and several
alternate common names. So it isn't a wild card certificate but we have
only one certificate to connect to our server (it's only one server) by
different hostnames.
Perhabs that might be a solution for Dana too?
Kind regards,
Oliver Koch
--
Oliver Koch Tel.: 05323/72-2626 | Fax: -3536
Rechenzentrum TU Clausthal E-Mail: koch@rz.tu-clausthal.de
Erzstraße 51 WWW: http://www.rz.tu-clausthal.de
D - 38678 Clausthal-Zellerfeld Jabber: ok@jabber.tu-clausthal.de
#############################################################
This message is sent to you because you are subscribed to
the mailing list <CGatePro@mail.stalker.com>.
To unsubscribe, E-mail to: <CGatePro-off@mail.stalker.com>
To switch to the DIGEST mode, E-mail to <CGatePro-digest@mail.stalker.com>
To switch to the INDEX mode, E-mail to <CGatePro-index@mail.stalker.com>
Send administrative queries to <CGatePro-request@mail.stalker.com>
|
|