SSL Primer

I am a little vauge about SSL Implementation. We currently have an SSL cert for our domain, XtremeParts.net. It is implemented on an older Windows 2000 server and is in the process of being upgraded to TWO windows 2003 servers which we will eventually connect with some sort of load balancing appliance, such as F5’s BIG IP.

My question has a couple parts:

  1. I would like an SSL cert that will run on all three servers to start. This way I can put the new server(s) into production simply by changing the IP address on the servers.

  2. Do I need to register a separate IP address in our DNS for each server? And if I am load balancing how do I make sure an SSL server is available if I am hard-coding the SSL address via NDS?

My assumption is the I can go to the support section to get the actual details on the installation of the Certs.

Thanks for the help.
Lee

If you order the SSL certificates for a Domain name they will function independently of the IP addresses.

So provided that you have setup your network correctly to load balance between these servers this should function correctly.

In a load balanced enviroment the installation of the certificates is no different from that of a single server enviroment as the load balanceing simply controls the follow of traffic to the servers and will not affect the SSL

To answer your question on if you would need to assign "separate IP address in your DNS for each server? " . You seem to not be looking at how load balancing works from the correct side of things.

You would only has a single “DNS” entry for this domain and that would be the load balancer. From here the load balancer would then direct traffic to the various servers in the cluster based on your needs and the rules that you would set up.

Unfortunately we cannot help very much with the setup of the load balanceing but if you have any difficulties setting up the certificates once you have the load balanceing functioning please do not hesitate to contact us.