|
At 12:15 PM 9/3/00 -0700, Jacob W Anderson wrote:
>reall? cool! Very glad to be wrong on this account!
>
>So if I have secure.foo.com as my https address, and on the back end, there
>is web1.foo.com, web2.foo.com, and web3.foo.com. In the www server
>configuration, is there anything special that has to be done so that the
>certificate (which is made for secure.foo.com) is handled correctly for the
>named virtual server? (Assuming Apache as the www server)
Nothing special, configure each Aparche server to have secure server
running, and install the key to every one of them. The validation of the
SSL key is at the client side, not at server side. To the server, it does
not care what itself is being called.
>-- Jake
>
>> -----Original Message-----
>> From: Wayne [mailto:wayne@xxxxxxxxxxxxxxx]
>> Sent: Sunday, September 03, 2000 11:50 AM
>> To: janders6@xxxxxxxxxx; David Cantin; Jerry Glomph Black
>> Cc: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
>> Subject: RE: few questions [BigIP notes]
>>
>>
>> At 12:00 AM 9/3/00 -0700, Jacob W Anderson wrote:
>> >One thing to note about using the BigIP box and SSL. BigIP supports SSL
>> >termination, so that you do not have to buy a certificate for
>> each web host.
>> >With LVS, you have to install a certificate for each web server.
>> This can
>> >become VERY costly for large server farms, such as E*Trade,
>> which make heavy
>> >use of SSL.
>>
>> This is not true at all. You can install one SSL certificate on
>> all the web
>> servers in the farm. It does not cost anything more than BigIP. Instead,
>> BigIP also needs to purcahse SSL ID for its SSL termination card.
>> The card was made by Rainbow Technology in Orange, California
>> and it is an additional $6000 out from your business pocket. It can only
>> handle 120 to 200 transaction per second, compared with LVS
>> there is no actual limit for number of trasactions, BigIP actually is
>> too small in its functions.
>>
>>
>>
>>
>
>
|
