Installing the same certificate for a number of services - should this be avoided?

  • Thread starter Thread starter PC
  • Start date Start date
P

PC

Hi all,

Could someone let me know the whys and why nots of installing the same
certificate for a number of different services.

Specifically are there any reasons why a cerificate installed on an IIS 5.0
website cannot be installed and used on an SMTP virtual server on the same
physical server?

I appreciate any advice

...pc
 
Normally a computer or user certificate can be used for multiple
applications if the certificate key usage will support it. A website
certificate is for server authentication. With a web server certificate the
client attempting to access it will be warned however if the website name on
the certificate does not match website name as shown by the web browser
which would probably be a problem in your case since you would probably have
different names for each one. --- Steve

http://support.microsoft.com/kb/823024
 
It is generally accepted best-practice to not use multi-purpose certs (aka,
swiss Army certs) unless it can not be avoided. This way I can revoke a
cert that is designated for a particular service or application and not
interrupt additional functionality.

That's not to say it can't be done, just the common reason why....
 
Back
Top