Securing Multiple Servers and Domains with SSL

written by: Dave O`Brien; article published: year 2006, month 08;


In: Root » Computers and technology » Data security » Securing Multiple Servers and Domains with SSL

Dutch French Spanish Portuguese Italian German Japanese Chinese Korean Russian Arabic Bookmark and Share this Article

As organizations and service providers enhance their Web sites and extranets with newer technology to reach larger audiences, server configurations have become increasingly complex. They must now accommodate:

  • Redundant server backups that allow Web sites and extranets to maximize site performance by balancing traffic loads among multiple servers

  • Organizations running multiple servers to support multiple site names

  • Organizations running multiple servers to support a single site name

  • Service providers using virtual and shared hosting configurations

But, in complex, multiserver environments, SSL server certificates must be used carefully if they are to serve their purpose of reliably identifying sites and the businesses operating them to visitors and encrypt e-commerce transactions—thus, establishing the trust that customers require before engaging in e-commerce. When used properly in an e-commerce trust infrastructure equipped with multiple servers, SSL server certificates must still satisfy the three requirements of online trust:

  1. Client applications, such as Web browsers, can verify that a site is protected by an SSL server certificate by matching the “common name” in a certificate to the domain name (such as www.verisign.com) that appears in the browser. Certificates are easily accessible via Netscape and Microsoft browsers.

  2. Users can also verify that the organization listed in the certificate has the right to use the domain name, and is the same as the entity with which the customer is communicating.

  3. The private keys corresponding to the certificate, which enable the encryption of data sent via Web browsers, are protected from disclosure by the enterprise or ISP operating the server.

The Certificate Sharing Problem

In order to satisfy the requirements of Internet trust, one SSL server certificate can be used to secure each domain name on every server in a multiserver environment, and the corresponding private keys can be generated from the hosting server. Some enterprises or ISPs practice certificate sharing, or using a single SSL server certificate to secure multiple servers. Organizations use certificate sharing in order to secure backup servers, to ensure high-quality service on high-traffic sites by balancing traffic among several servers, or, in the case of ISPs and Web hosts, to provide inexpensive SSL protection to price-sensitive customers.

Disclaimer

1) E-articles is not responsible for the information contained by this article as well for any and all copyright infringements by authors and writers. E-articles is a free information resource. If you suspect this article for any copyright infringement, please read the terms of service and contact us to investigate the problem.
2) E-articles is not responsible for inaccuracies, falsehoods, or any other types of misinformation this article may contain and will not be liable for any loss or damage suffered by a user through the user's reliance on the information gained here.

link to this article