httpd-docs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <>
Subject [Httpd Wiki] Update of "ScratchPad" by DonBaker
Date Fri, 12 Aug 2011 21:43:02 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Httpd Wiki" for change notification.

The "ScratchPad" page has been changed by DonBaker:

  Multi-domain, SAN, or UCC certificates are useful when organizations require different root
domain names to run Internet-facing services.  Subject alternate name certificates are also
called Unified Communications Certificates (UCC) since they were primarily designed to support
real-time communications infrastructures. For example, an organization providing both internal
and external unified communications services with two different domain names—for example, the external domain and for the internal
name—would benefit from a multi-domain certificate because in this case, the wildcard certificate
would not work. In fact, if the organization was using wildcard certificates, two wildcard
certificates would be required because the root domain name is different in each case.
+ ---- /!\ '''Edit conflict - other version:''' ----
  A single multi-domain certificate could easily support the following names and more:,,, 
+ ---- /!\ '''Edit conflict - your version:''' ----
+ A single multi-domain certificate could easily support the following names and more:,,, 
+ ---- /!\ '''End of edit conflict''' ----
  Multi-domain certificates are also useful for application service providers (ASP) who host
applications for multiple clients with each client using their own domain name. By using a
multi-domain certificate, ASPs can use a single certificate to support multiple clients. Note
that the site seal and certificate “Issued To” will only be for the primary domain name
entered in the certificate and will not include any of the other domain names. However, the
certificate itself will include all of the domain names that have been entered when the certificate
was purchased. 
@@ -53, +60 @@

  "'Wildcard vs. Multi-Domain Certificates'"
  Organizations wanting to move to subject alternate name or unified communication certificates
should choose between the wildcard and the multi-domain certificate types. Table 1 outlines
the similarities and differences between the two certificate formats.
+ ---- /!\ '''Edit conflict - other version:''' ----
+ ---- /!\ '''Edit conflict - your version:''' ----
+ ---- /!\ '''End of edit conflict''' ----
  Both certificate types offer several benefits and include several features. In addition,
both are available in full authentication format only. Domain-only authentication certificates
only require the validation of the domain before they are issued, and because of this, cannot
be used with multi-use certificates. Full authentication certificates require both the validation
of the domain itself and the validation of the business running the domain. Because of this,
full certificates are more trustworthy than domain-only certificates. This is another reason
the full authentication model is used for multi-use certificates. Keep this in mind as you
make your choice.
@@ -68, +81 @@

  Ideally, organizations would only use a single root name for all functions, but in most
environments, this is not possible. Many organizations use a least one public root name and
one private root name to segregate the internal from the external namespaces they work with.
In this case, only multi-domain certificates will work. But, if you only need a certificate
for external purposes and you only use one single public root name, then the wildcard certificate
is the certificate of choice.
  In summary, multi-use certificates make it much easier to deploy multiple secure services
both internally and externally. This is particularly useful in environments that include several
services like mail, instant messaging, Web, mobile device management, and File Transfer Protocol
(FTP). If this is the case for your organization, then your best choice is to acquire the
multi-use certificate that is tailored to fit your needs. 
+ ---- /!\ '''Edit conflict - other version:''' ----
+ ---- /!\ '''Edit conflict - your version:''' ----
+ ---- /!\ '''End of edit conflict''' ----

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message