CSR question for load balanced Apache servers
Hi
I got the following network setup
-----------------------|---Server A
Internet --load balancer---Server B
-----------------------|---Server C
The load balancer will send the requests in round robin fashion, and the traffic will be secured using HTTPS. All servers will host one site using Apache2 with the same FQDN for all servers.
Having said that, should I generate ONLY one CSR on Server A, and distribute the private key and result certificate to Apache servers on server B and C, or should I generate three CSR, one per server and use the resultant certificates each on it's respective Apache servers.
My concern is that if different CSR will be using on the servers , and the browser creates the HTTPS session with server A, and then using the load balancer request B goes to server B, and server B uses a certificate generated using another CSR and private key, the HTTPS session will break.
Any comments are appreciated.
Regards
Last edited by ALInux; 09-07-2009 at 01:40 PM.
|