[Box Backup] CA

Ben Summers boxbackup@fluffy.co.uk
Fri, 15 Apr 2005 09:26:53 +0100


On 14 Apr 2005, at 17:57, Nick Knight wrote:

> Hello all,
>
> Probably a dumb question - but my knowledge on CA's and ssl in general
> isn't the best. In an organisation with more than one server - is it
> best to have only 1 CA or more than 1, I assume the CA would hold
> multiple servers and accounts - which means an account number can only
> be used once across an organisation, so when should you use one or 
> more?

Use 1 CA per set of servers (which may or may not equate to an 
organisation). You can sign multiple certificates for the same account 
number, but I don't recommend it as it could create trouble. But you 
have 2^32 account numbers to play with -- why would you need to reuse 
them?

Ben