NetTalk Central

NetTalk Web Server => Web Server - Ask For Help => Topic started by: JHojka on January 16, 2012, 11:36:03 AM

Title: ssl csr question.
Post by: JHojka on January 16, 2012, 11:36:03 AM

Our site will be set up to use a nonstandard port for ssl. The standard port is already being used by another application. We would like to create a CSR for the site on the new port. When I create my CSR do I need to add the port number for a single site license?

Example from docs:

g. Common Name: this is the URL that people will use to access your web site. For example www.capesoft.com

Would I use www.mysite.com:499 or does a single site license cover all ports?

Jeff Hojka
Marathon software Co.

Title: Re: ssl csr question.
Post by: Flint G on January 16, 2012, 12:09:20 PM

Jeff,

You actually do not need to supply the port number with your common name.  The common name is just that, the name your server is commonly known by.  So, a certificate issued to www.capesoft.com is valid for any port where www.capesoft.com is the common domain (i.e. www.capesoft.com:80, www.capesoft.com:443, www.capesoft.com:8080, etc.).  It would not, however, be valid for updates.capesoft.com, unless the certificate was issued to an expensive wildcard common name such as *.capesoft.com.

So, if you already have an SSL certificate that is valid for the domain name you will be using, regardless of the port, don't buy a new one, reuse the one you've already got.

Hope this helps.

Regards,
Flint

Title: Re: ssl csr question.
Post by: JHojka on January 16, 2012, 12:54:56 PM

Thanks Flint

Title: Re: ssl csr question.
Post by: kevin plummer on January 16, 2012, 04:04:49 PM

Hi Jeff,

just a word of warning about non-standard SSL ports is that for some reason, I have come across lots of instances where they have been blocked from Airports to lots of clients. In those cases the std ssl port works fine and non-ssl non std ports also worked fine.

Cheers,

Kev