Many A-records
John S. Giltner, Jr.
giltjr at earthlink.net
Sun Apr 11 02:14:50 UTC 2004
Barry Margolin wrote:
> In article <c56ms2$o5c$1 at sf1.isc.org>,
> "John S. Giltner, Jr." <giltjr at earthlink.net> wrote:
>
>
>>"About the dual naming. If i have a certificate protecting www.www.com
>>and i rename that service for another customer and call it maybe
>>www.customerzone.com he will get a lot of warnings when trying to reach
>>that site using https since the certificate was made for www.www.com.
>>Maybe webservers can have more than one certificate but then it will be
>>more expensive. If we rename our services so that different names will
>>be used depending on which customer is asking we will have to make sure
>>the Href tags does not include FQDN's from the namespace the customer
>>can't see. We will also have to tell all our customers to update their
>>DNS zones every time we change an IP."
>
>
> SSL doesn't work well with name-based virtual hosting. Some of the
> stuff it does with certificates uses IP addresses, not hostnames, so
> each virtual server needs a unique IP.
>
All of our SSL certificates have always been based on host names, not IP
addresses.
More information about the bind-users
mailing list