[f-nsp] multiple certificate-file
Oliver Adam
oadam at madao.de
Tue Oct 21 12:48:28 EDT 2008
You need to create a new profile - one certificate/key pair per
profile. The profile is than getting bound to a virtual service of a
virtual server. This service is going to present the linked
certificate to users trying to connect to the service.
Why do you ask?
R, Oliver
At 15:42 20.10.2008, Rantanen, Edward CTR wrote:
>I have ssl module running with a keypair-file and a
>certificate-file, to add a second key/cert can these be added to the
>exist profiles or do new profiles need to be made?
>
>Looked through the security guide, but don't see where it explains
>the multiple keys/cert usage.
>
>Is there another document that I need to read through? If so
>what/where do I need to look?
>
>Thanks.
>
>!Building configuration...
>!Current configuration : 5347 bytes
>!
>ver 10.2.01bTD2
>!
>module 1 bi-0-port-wsm6-management-module
>module 2 bi-0-port-wsm3-slave-module
>module 3 bi-jc-16-port-gig-copper-module
>!
>tcp profile tcpprof
> nagle off
> delayed-ack off
> push-bit off
>!
>ssl profile clientprofile
> keypair-file xxxxkey
> certificate-file cacert
> cipher-suite all-cipher-suites
> allow-self-signed-cert
> session-cache off
> tcp-profile tcpprof
>ssl profile serverprofile
> keypair-file xxxxkey
> allow-self-signed-cert
> ca-cert-file cacert
> session-cache off
> tcp-profile tcpprof
>ssl profile ssl1
> keypair-file xxxxkey
> certificate-file cacert
> cipher-suite all-cipher-suites
> allow-self-signed-cert
> session-cache off
> tcp-profile tcpprof
>
>_______________________________________________
>foundry-nsp mailing list
>foundry-nsp at puck.nether.net
>http://puck.nether.net/mailman/listinfo/foundry-nsp
More information about the foundry-nsp
mailing list