Web Hosting Talk







SSL on multiple servers


wave
08-27-2001, 12:40 AM
Does anyone know how to set up shared SSL on 2 or more servers? For example, hosting clients on server A and B can both use SSL through https://secure.mydomain.com/~theiruserid. I think some hosts use wild card certificates like https://servername.host.com/~userid. Instructions for any method would be great. Thanks! :)

valkaryn
08-27-2001, 11:01 AM
I believe that Thawte is the only certificate registrar that will support wild card certificates within the same domain (i.e., ssl1.mydomain.com and ssl2.mydomain.com). I don't believe that Verisign supports this (still).

TheRazor
08-27-2001, 11:36 AM
I remember somewhere on Equifax Secure they offered wildcard 128-bit. I think the price was around $500 + year.

valkaryn
08-27-2001, 11:52 AM
I think that you'll find that Thawte is MUCH more reasonable than that. They are even less expensive than Verisign.

Chicken
08-27-2001, 07:53 PM
Originally posted by wave
I think some hosts use wild card certificates like https://servername.host.com/~userid. Instructions for any method would be great. Thanks! :)

This isn't a wildcard cert, rather they are just given an FTP account and they get their user directory to use. I'm pretty sure your thinking of Thawte wildcard certs being MUCH cheaper wouldn't be correct, Karyn:

Thawte Wildcard certificates are sold on a licensing basis. So the price for the certificate is dependent on the number of subdomains that you wish to secure using that certificate. Please click on the buy button and fill in your details should you wish to have a sales consultant contact you to discuss your wildcard requirements.

Although I'm not familiar with a sample rate/fee for the license, I get the feeling that it might be around $500 if not higher. Mind you, this depends on whether we are discussing single domain certs. or wildcard certs, and it would be helpful to narrow it down to one or the other. Unless both are being considered of course :)

valkaryn
08-27-2001, 08:02 PM
They USED to be much cheaper. I haven't had the need for about a year. Times change! Thanks for the update!

wave
08-27-2001, 08:15 PM
This isn't a wildcard cert, rather they are just given an FTP account and they get their user directory to use.

So they're using only one cert on a single server? How can they do this when the cert works for https://server1.host.com/~userA and https://server2.host.com/~userB?

valkaryn
08-27-2001, 08:19 PM
Certs are domain based, not URL based. Since the domains are the same in the above example, they can share the same cert.

wave
08-27-2001, 08:26 PM
Thanks for the replies valkaryn! :)

What is the point of wildcard certs if you can share 1 cert between server1.host.com, server2.host.com, server3.host.com, etc.?

valkaryn
08-27-2001, 08:36 PM
The value is that if you have a domain, mysite.com, you can have a better variety of configurations available to you.

For instance, say your Marketing Department has a store that it wants to run on NT, but the customer service department has an area that runs on unix. Two different servers.

Or even more basic... Your commerce service is in high demand and you have to "cluster" your SSL servers.

Or you can have all of the above. It can all fall under the same certificate for easier administration. You don't have to keep track of which certificate goes to which server. You don't have to remember when each different cert expires. When you add a new server, you don't have to wait for a new certificate (or at least that was one of the benefits before they started doing the sublicensing things that were mentioned in an earlier post by Chicken).

It's just easier for a site to scale and administer under a "wildcard" cert.
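
How certificate name matching plays out for the URLs quoted in this thread, as an added example that is not part of any post: a simplified version of the hostname check a TLS client performs, which compares only the hostname in the URL and never the path. The certificate names below are constructed samples, and the wildcard rule is the common "whole left-most label only" form; real validation also checks the chain, expiry and the certificate's name fields.

```python
from urllib.parse import urlsplit


def name_matches(cert_name: str, hostname: str) -> bool:
    """Simplified match: '*' is accepted only as the entire left-most label."""
    cert_labels = cert_name.lower().rstrip(".").split(".")
    host_labels = hostname.lower().rstrip(".").split(".")
    if len(cert_labels) != len(host_labels):
        return False  # a wildcard stands for exactly one label, never zero or two
    if cert_labels[0] == "*":
        if len(cert_labels) < 3:
            return False  # reject overly broad names such as "*.com"
        return cert_labels[1:] == host_labels[1:]
    if "*" in cert_name:
        return False  # partial or non-left-most wildcards are not accepted here
    return cert_labels == host_labels


def cert_covers(cert_names, url: str) -> bool:
    """True if any name on the certificate matches the URL's hostname."""
    host = urlsplit(url).hostname  # the path (/~userid) plays no part
    return host is not None and any(name_matches(n, host) for n in cert_names)


if __name__ == "__main__":
    # Constructed certificate names; URLs are the ones quoted in the thread.
    certs = {
        "single-host cert": ["secure.mydomain.com"],
        "server1-only cert": ["server1.host.com"],
        "wildcard cert": ["*.host.com"],
    }
    urls = [
        "https://secure.mydomain.com/~theiruserid",
        "https://server1.host.com/~userA",
        "https://server2.host.com/~userB",
    ]
    for label, names in certs.items():
        for url in urls:
            print(f"{label:18} {url:42} -> {cert_covers(names, url)}")
```
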