[ale] SSL Certs for $14.95
James P. Kinney III
jkinney at localnetsolutions.com
Wed Apr 19 14:20:26 EDT 2006
Just get any domain relevant to the business end, sign up for it using
the business name that will be getting the ssl cert and have it pointed
to the IP address. It doesn't _have_ to be a full domain. It could be
sub-domain/host name. As long as the domain lookup for the host will
generate the business name and address used in the ssl application, that
will provide the needed linking for "authentication".
Let's say you have the domain "outpostsentinal.com". Create a host named
sslserver.outpostsentinel.com and set the DNS record to point to
209.168.246.232. That will create a "chain of authentication" from the
IP address back to the business name in the whois record for
outpostsentinel.com. That business name is used in the cert request as
the (O) field and the (DN) field is the IP address.
On Wed, 2006-04-19 at 10:53 -0400, Christopher Fowler wrote:
> This is my problem. I have nothing pointing to 209.168.246.232. Just
> an IP Address.
>
> On Wed, 2006-04-19 at 10:24 -0400, James P. Kinney III wrote:
> > The only real "gotcha" I can think of is you will need to have a
> > domain
> > name that _does_ point to that IP address and that domain name
> > ownership
> > data is used to validate "ownership" of the IP address. For instance:
> > my
> > domain name localnetsolutions.com is pointed to 216.27.162.82. If I
> > request a cert for that IP address, I would use the domain name
> > localnetsolutions.com for the organization as that will resolve to the
> > IP address listed as the DN
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
--
James P. Kinney III \Changing the mobile computing world/
CEO & Director of Engineering \ one Linux user /
Local Net Solutions,LLC \ at a time. /
770-493-8244 \.___________________________./
http://www.localnetsolutions.com
GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics)
<jkinney at localnetsolutions.com>
Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: This is a digitally signed message part
More information about the Ale
mailing list