Requesting only one certificate for TLS connections are we forced to implement every service in only one server?
A. In general, for balanced architectures, it is used only one certificate for load balancer’s host+domain, which is copied into every balanced server; from a legal point of view you’ll need to buy the certificate and a number of licences equal to the balanced servers. For HTTPS, you need virtualhost configuration on balanced webservers, so that the client’s browser will always get the same host+domain. For SMTPS-IMAPS-POPS you only need host+domain of the certificate to be the same of the MUA one, so you don’t have alias problems, whatever server you installed the certificate on.
Related Questions
- I received a Notification for Jury Service, Qualifying Questionnaire and Voir Dire Questionnaire, and I am requesting to be excused. Do I still need to complete the juror questionnaire?
- Can I use the JANET Server Certificate Service to provide certificates for my RADIUS servers? / Do you have any technical documentation on using MS IAS and JANET SCS?
- What does the error message: TLS/SSL failure: myserver: Server name does not match certificate mean?