|
Posted by Felix Tiede on June 21, 2008, 4:07 pm
If you were Registered and logged in, you could reply and use other advanced thread options
toralf wrote:
> Hello,
>
>
> We serve at work many customers within a client/server architecture
> and would like to have different certs for different customer - but
> we've only one server where all customers connect to.
>
> Therefor I'm wondering, whether it is possible for a server providing a
> SSL connection to its web service to accept more than only one
> certificate.
>
A web service using SSL/TLS can accept more than one client certificate,
f.ex. one for each customer. If your web service supports specifying
certification authorities to sign client certificates (like apache does),
you can create a CA to sign client certificates. This would enable you to
issue new client certificates without reconfiguring your web service. And
if you can specify certificate revocation lists as well, you can also
revoke certificates without reconfiguration. But this depends on what the
server behind your web service supports.
What a web service can't do is present different server certificates to each
customer, except each customer would use his own IP/Port combination.
Hope it helps,
Felix Tiede
| 
XML site map