您需要一个通配符证书。标准 SSL 证书验证单个 dns 主机名,例如“www.domain.com”。您需要为每个个人用户主机名提供单独的证书,这可能会让您破产并使 godaddy/verisign 非常高兴。
You'd need a wildcard certificate. A standard SSL certificate verifies a SINGLE dns hostname, like "www.domain.com". You'd need a separate certificate for EACH of your individual user hostnames, which will probably bankrupt you and make godaddy/verisign very happy.
I believe Marc is wrong here. I have a zend application that secure multiple subdomains using a single wild card ssl certification. The only issue is that all the subdomains have to be under the same root domain. You can't mix different subdomains with different domains.
For example, user1.mydomain.com or user2.mydomain.com.
In apache, you should set a catch all for the ssl port and you're good to go!
Wildcard SSL is relatively expensive, considering you only have 2 sub domain, it's better to use multi-san ssl which are used to secure 2 domain (or sub domain) only. The latter one is much cheaper.
发布评论
评论(3)
您需要一个通配符证书。标准 SSL 证书验证单个 dns 主机名,例如“www.domain.com”。您需要为每个个人用户主机名提供单独的证书,这可能会让您破产并使 godaddy/verisign 非常高兴。
You'd need a wildcard certificate. A standard SSL certificate verifies a SINGLE dns hostname, like "www.domain.com". You'd need a separate certificate for EACH of your individual user hostnames, which will probably bankrupt you and make godaddy/verisign very happy.
我相信马克在这里错了。我有一个 zend 应用程序,它使用单个通配符 ssl 认证来保护多个子域。唯一的问题是所有子域必须位于同一根域下。您不能将不同的子域与不同的域混合在一起。
例如,user1.mydomain.com 或 user2.mydomain.com。
在 apache 中,您应该为 ssl 端口设置一个 catch all,然后就可以开始了!
I believe Marc is wrong here. I have a zend application that secure multiple subdomains using a single wild card ssl certification. The only issue is that all the subdomains have to be under the same root domain. You can't mix different subdomains with different domains.
For example, user1.mydomain.com or user2.mydomain.com.
In apache, you should set a catch all for the ssl port and you're good to go!
通配符 SSL 相对昂贵,考虑到您只有 2 个子域,最好使用仅用于保护 2 个域(或子域)的 multi-san ssl。后一种要便宜得多。
Wildcard SSL is relatively expensive, considering you only have 2 sub domain, it's better to use multi-san ssl which are used to secure 2 domain (or sub domain) only. The latter one is much cheaper.