Private key and SSL Question

Problems with the Windows version of XAMPP, questions, comments, and anything related.

Private key and SSL Question

Postby ofpcomrade » 17. January 2007 17:37

Hi everyone

I would like to host 2 different sites on a windows dedicated server with xampp. I already have one site set up with SSL and it's working great, now I would like to add another one and I'm not sure if I can use same Private server key I created for the first site or do I need to create a new one for the second site? Will the first one still work if I create new one? This maybe a dumb question but I'm new to this :)
ofpcomrade
 
Posts: 4
Joined: 17. January 2007 17:30

Postby Izzy » 18. January 2007 00:33

IMHO you would use a different key set for each site to avoid some SSL certificate warning messages in the browser that usually have to be clicked on to get rid of them.

It's really no big deal to create as many self signed certificates as you want or need but in most browsers you will still get a warning if the certificates don't have a root certificate issued by a recognised and approved authority. (This is one of the things you pay big money for when you purchase a commercial certificate - along with other security includes of course).

This authoratative root certificate is usually included when you install your web browser so just about everyone has these root certificates to call on when visiting a SSL site and if not present will trigger those warning messages mentioned.
The root certificate info included in your browser can be viewed in your browser's preferrences menu.

You may have come across some of these warning messages that relate to a certificate "not been issued for the site that is being accessed and do you want to proceed?" on your Internet travels.

My understanding is that when you create a SSL certificate it is uaually bound to a specific domain name.

This also would apply to a site with a domain name like mysite.com that has an SSL certificate created for it but when used with www.mysite.com the browser issues the above warnings as the certificate is not issued for the site with a www prefix.

Some use a workaround for this by using a subdomain for their secured sites, for example, secure.mysite.com. They put all their pages that require https in that subdirectory and issue a certificate for it and then link to them from their regular pages - for example:
https://secure.mysite.com/shopindex.html

There are such things as wild card SSL certificates but thats another subject again and you would need to do some research first (Google).

Here is a link to a free SSL certificate issuing site, worth a good read first as it could save you much money in SSL fees:
https://www.cacert.org/

And here:
http://www.openssl.org/
Izzy
 
Posts: 3344
Joined: 25. April 2006 17:06

Postby ofpcomrade » 18. January 2007 01:21

Thanks for reply, my main concern was that maybe creating the second private key will disable the first one. Thanks for clarifying that for me.
ofpcomrade
 
Posts: 4
Joined: 17. January 2007 17:30


Return to XAMPP for Windows

Who is online

Users browsing this forum: No registered users and 71 guests