多台服务器上的单个 SSL 证书 [英] Single SSL cert on multiple servers

问题描述

对于我正在处理的项目，我将拥有多个服务器和许多子域(例如 - *.mydomain.com).我正在考虑从 Godaddy 获得这个 ssl 证书 - 无限子域(通配符)199.99 美元/年

For a project I'm working on I will have multiple servers and lots of subdomains (eg- *.mydomain.com). I'm thinking of getting this ssl cert from godaddy- Unlimited Subdomains (Wildcard) $199.99/yr

我是否可以在所有服务器上使用该证书，还是我需要为每台服务器购买一个证书，因为它们每个都有一个唯一的 IP?

Will I be able to use the cert on all the servers or do I need to buy a cert for each server since they each have a unique ip?

推荐答案

证书绑定到主机名(或通配符主机名)，因此您可以在多台机器上使用相同的证书.

Certificates are bound to a hostname (or wildcard hostname), so you're fine using the same cert on multiple machines.

但是，在请求证书时，您通常会在其中一台服务器上创建私钥.除了您收到的实际证书外，还需要将此私钥复制到所有机器上.

However, when requesting a certificate, you usually create a private key on one of the servers. This private key needs to be copied to all machines in addition to the actual certificate that you recieve.

一种情况是，您将 www.domain.com 解析为负载平衡器的 IP，然后将流量转发到多个服务器.在这种情况下，您只需要将 www.domain.com 的证书(使用私钥)复制到集群中的所有服务器即可.

One scenario is where you have www.domain.com resolving to an IP of a load-balancer, which in turn forwards the traffic to multiple servers. In that case, you only need a certificate for www.domain.com that you copy (with the private key) to all servers in your cluster.

这篇关于多台服务器上的单个 SSL 证书的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！