Re: certificate server
Quoting Jeff (debian0309@aquabolt.com):
> The use of Client is confusing - you actually appear to be generating
> what I would call a self-signed server certificate for installation on
> one specific webserver. This is for authenticating this signel Server
> to clients that browse your website using HTTPS.
That happens to explicitly _be_ the entire context of the article. I
have a difficult time believing that anyone could be confused by it:
The reader would basically have to be ignoring important parts of the text.
> All sounds good for a single self-signed server certificate, but you
> would not want to do this if you have 10s of web servers.
Indeed.
> We use our CA - ie Certificate Authority to sign the web server keys,
> as we have lots of web servers.
However, my document is about self-signing. Thus the filename, which
you may not have noticed.
> * Important that during CSR the Common Name match the web server name
> that browsers will use.
Indeed. I've been intending to revise my article to insert mention of
that fact. Thanks for the reminder.
--
Cheers, * Contributing Editor, Linux Gazette *
Rick Moen -*- See the Linux Gazette in its new home: -*-
rick@linuxmafia.com <http://linuxgazette.net/>
Reply to: