Re: Self signed cert for multiple websites

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M\Keith Smith at <-
MM 
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: Keith Smith
Date:  
To: Main PLUG discussion list
Subject: Re: Self signed cert for multiple websites
On 2015-07-04 08:53, Stephen Partington wrote:
> https://blog.celogeek.com/201209/209/how-to-create-a-self-signed-wildcard-certificate/
> [2]


After reading a bit about this I assume I use the host name which is
something like servername.domain.local.

When asked "Common Name (eg, your name or your server's hostname) []:" I
enter *.domain.local. (hostname)

Which will create a server wide wild card cert that will work with
MyTestSite.local, MyOtherSite.local ... etc. Do I understand correctly?
And should work with sub-domains as well such as shop.MyTestSite.local,
shop.MyOtherSite.local... etc.

One cert for all.

Thanks again for all your help!!

Keith


>
> On Sat, Jul 4, 2015 at 8:39 AM, Keith Smith
> <> wrote:
>
>> On 2015-07-04 07:53, Stephen Partington wrote:
>>
>>> As long as the "domain" remains the same the same cert should
>>> work.
>>> Once that changes you will need a new cert.
>>
>> I will be creating multiple test sites.  Each with a unique domain
>> such as mytestsite.local and anothertestsite.local, each having it's
>> own virtual host and docroot.
>>
>> How do I create a unique cert for each domain?
>>
>> There is a number of questions that are asked during the cert
>> creation.
>>
>> Country Name (2 letter code) [GB]:
>> State or Province Name (full name) [Berkshire]:
>> Locality Name (eg, city) [Newbury]:
>> Organization Name (eg, company) [My Company Ltd]:
>> Organizational Unit Name (eg, section) []:
>> Common Name (eg, your name or your server's hostname) []:
>> Email Address []:
>> An optional company name []:
>>
>> I assume what makes each cert unique is the answer to "Common Name
>> (eg, your name or your server's hostname)".  I enter the domain
>> name not the FQDN or hostname of the server.
>>
>> Or maybe each cert is unique and by associating it with the domain
>> and adding the excretion to the browser is all that is needed?????
>>
>> I am rather new to creating self signed certs and the above is an
>> assumption.
>>
>> Any guidance is much appreciated.
>>
>> Keith
>>
>> On Sat, Jul 4, 2015 at 6:04 AM, Keith Smith
>> <> wrote:
>>
>> Hi,
>>
>> I've configured a VM using VirtualBox and it is running CentOS 6.6.
>>
>> To create the self signed cert I followed 3 steps:
>>
>> 1) mkdir /etc/httpd/ssl
>>
>> 2) cd /etc/httpd/ssl
>>
>> 3) openssl req -x509 -nodes -days 4000 -newkey rsa:2048 -keyout
>> /etc/httpd/ssl/name-of-my-test-site.key -out
>> /etc/httpd/ssl/name-of-my-test-site.crt
>>
>> I've tested the cert and it works.
>>
>> Now I want to add more test sites to my VM.
>>
>> I've done some research and am not finding any information about
>> how to configure the self signed cert(s) for multiple sites.  From
>> reading the docs it appears that I create one cert for the box and
>> it will be used by all the sites on my box (test/dev VM).  Is this
>> true or do I need to create a cert specific for each virtual
>> host? 
>> If I need to create a cert for each virtual host, how do I do so?
>>
>> Thank you so much for all your help!!
>>
>> --
>> Keith Smith
>> ---------------------------------------------------
>> PLUG-discuss mailing list -
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss [1] [1]
>>
>> --
>>
>> A mouse trap, placed on top of your alarm clock, will prevent you
>> from
>> rolling over and going back to sleep after you hit the snooze
>> button.
>>
>> Stephen
>>
>> Links:
>> ------
>> [1] http://lists.phxlinux.org/mailman/listinfo/plug-discuss [1]
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list -
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss [1]
>
> --
> Keith Smith
> ---------------------------------------------------
> PLUG-discuss mailing list -
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss [1]
>
> --
>
> A mouse trap, placed on top of your alarm clock, will prevent you from
> rolling over and going back to sleep after you hit the snooze button.
>
> Stephen
>
>
>
> Links:
> ------
> [1] http://lists.phxlinux.org/mailman/listinfo/plug-discuss
> [2]
> https://blog.celogeek.com/201209/209/how-to-create-a-self-signed-wildcard-certificate/
>
> ---------------------------------------------------
> PLUG-discuss mailing list -
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss

--
Keith Smith
---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
This message was posted to the following mailing lists:
Plug Discuss
Mailing List Info | Nearby Messages		<-Re: Self signed cert for multiple websitesHappy Independence Day->
Some Mailing List Archive administrated by UnconfiguredLurker (version 2.3)