A user asks:
how can i use a single certificate (public/private) key for 2 different host name. I am using Filezilla FTP server.
Is it possible to use the same certificate for 2 different FTP server running on a different machine. Since our's is a distributed environment
In our distributed environment, we have 2 FTP servers. while generating SSL certificate using the openssl command,for the CN (common name) property , the hostname is set to the ip address. since i have 2 FTP server running in a clustered mode, is there anyway to use the single certificate for both the FTP server.
Yes, you can do this. Obviously you'll need to install the same certificate on both servers. This is easily done in FileZilla Server. Once you've done this you'll need to make sure that the SSLFTPClient validates the name on the certificate (the Common Name or CN) against a fixed string, rather than the host-name, which will be different between the two servers. You can do this by:
ftpClient.setCustomValidator(new SSLFTPStandardValidator("serverCN"));
where "serverCN" is the Common Name on the certificate.
- Hans (EnterpriseDT)
