[159177] in North American Network Operators' Group
Re: SSL Certificates and ... Providers
daemon@ATHENA.MIT.EDU (Peter Kristolaitis)
Thu Dec 27 14:52:56 2012
Date: Thu, 27 Dec 2012 14:52:51 -0500
From: Peter Kristolaitis <alter3d@alter3d.ca>
To: nanog@nanog.org
In-Reply-To: <CC75EEBF17C7374EA8309102B7B10C840109D3E657@SHSBS.shenrons-house.local>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Yes, some SSL providers (mostly the overpriced ones) like to "license"
their certs on a per-server basis. If you read the contract language,
this is how it's written. However, this is strictly a contractual
issue, not a technical one. It's just a way to squeeze more money out
of people who don't know any better.
Speaking strictly from a technical standpoint, there is nothing at all
stopping you from using the same cert/keys on as many servers as you'd
like. There are SSL providers out there that are reasonable about the
whole thing and sell you a cert, not a single-device-license.
- Pete
On 12/27/2012 2:47 PM, Blake Pfankuch wrote:
> Ok, so this might be a little off topic but I am trying to validate something a vendor is telling me and hoping some people here have expertise in this area...
>
> I am working with a SSL certificate provider. I am trying to purchase a quantity of wildcard SSL certificates to cover about 60 FQDN's across 4 domains. Vendor is telling me that the Wildcard certificates are licensed per physical device it is installed on. This means instead of using a single wildcard across 20 servers, I would have to buy 20 wildcard certs for 20 servers.
>
> This does not compute in my brain and also in my mind completely defeats the purpose of a wildcard cert as I know it. Has anyone run into this before?
>
> Thanks
> Blake
