Are Unified Communications SSL certificates (aka Subject Alternative Name / SAN) suitable for securing a CMS website in IIS, which serves lots of different secured websites for various clients each on their own domain name? The CMS will run on a single IP address and a single IIS site, but the content served will be different based on the host header / domain.
I understand that this is technically possible, but I'm interested to know if anyone thinks this is bad practice or a potential security issue to share an SSL certificate for many clients?
Thanks,
Tim
Answer
By itself, using a UC certificate with multiple domains names presents no security problems. Just keep in mind that all of the domain names will be listed in the certificate, so you can't put any private sites in there.
No comments:
Post a Comment