How Many CCA/NAC SSL CA Certificates Needed?

Unanswered Question
Sep 18th, 2008
User Badges:

I have CAM and CAS failover bundle. 2 CAM and 2 CAS. I am purchasing a third-party Trusted CA. How many certificates will I need to purchase?

Do I need 1 cert for all the servers, 1 per F/O bundle, or 1 cert per server?

And can I use a private IP to generate the cert and not a domain? Because when I test the CSR on Thawte it shown invalid domain.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Peter Yardley Sat, 09/20/2008 - 17:27
User Badges:

We have a failover bundle for our CAS servers and only use 1 cert (on the shared address) for the bundle but you need a separate one for the cam.

I guess you will need 2 certs one cam and one cas.

gabrielbryson Mon, 03/02/2009 - 01:41
User Badges:

You will require one CA cert for the NAM pair and one for the NAS pair (thats 2 in total), you need to genetare the cert request with a FQDN that maps to your service ip address on your internal DNS srv, the Cert authority will not accept a cert request with a IP address.

srue Wed, 03/04/2009 - 06:35
User Badges:
  • Blue, 1500 points or more

i've seen cert vendors issue certs for ip addresses.

nagel Wed, 03/04/2009 - 13:15
User Badges:

We have 2 CAS (not failover)& 1 CAM.. As for uswer experience - it is only necessary to implement cert on CAS... The CAM cert - nobody will ever be affected expect engineering staff. Not a big deal

srue Wed, 03/04/2009 - 15:54
User Badges:
  • Blue, 1500 points or more

yes, with 2 cas servers (no HA) you need 2 certs....

any 3rd party cert installed on the cam is *mostly* for convenience.


This Discussion