One great solution to effectively manage the certificates in large webfarms or email centric companies is to use subject alternative name (SAN) certificates.
The Shortcut Guide to Subject Alternative Name Certificates provides information about SAN certificates to show how they can be used in a variety of technologies. These special certificates allow multiple hosts to use the same certificate, avoiding the costs of obtaining, deploying, and managing multiple nearly-identical certificates. This guide will explore what SAN certificates are, how they work, and how they can help you deploy server farms more efficiently. You may even discover that you already have SAN certificates available that can be put to good use with no additional expense!
This guide is provided in four chapters. Each chapter focuses on a different aspect of the concepts and practical use of SAN certificates:
- Chapter 1: Introduction to Certificates – This chapter introduces broad PKI terms that are used throughout the guide. It provides a framework for the in-depth concepts and application of SAN certificates in later chapters. Although this chapter may be considered review material for some readers, it is important to understand this information to ensure that later chapters are effective.
- Chapter 2: SAN Certificates In Depth – This chapter is dedicated to getting down into the details of a SAN certificate. It will examine the certificate structures and metadata and will compare data between SAN and non-SAN certificates. It will also compare SAN certificates to wildcard certificates to understand the distinction between two somewhat similar products.
- Chapter 3: The Business Value of SAN Certificates – Written primarily for the BDM and TDM readers, this chapter discusses the business aspect of SAN certificates. It will examine the business costs and return on investment (ROI) drivers that apply to both SAN and other similar certification strategies. This chapter supports the business and organizational elements of the solutions discussed in Chapter 2.
- Chapter 4: Planning and Implementing a SAN – Enabled Certificate Strategy—This chapter discuss the details of actually implementing a SAN-enabled certificate strategy. Topics include analyzing existing systems and properly planning for a SAN certificate deployment. Ongoing operations-based tasks are also explored. This chapter is useful for the implementers in an organization, such as the IT generalist or specialist, and the planning elements apply to architects as well.
Because SAN certificates are more flexible than single‐instance certificates, in general, we can plan to obtain fewer certificates and use those certificates in multiple locations. For example, we can show how a company might secure its Internet‐facing servers with a series of certificates in a typical PKI deployment.
As we can see, this deployment has four servers, one of each, that will serve as our server archetypes:
- Email server
- E‐commerce server
- Web server
- Real‐time Communications (RTC) server
You can download the book here
Note: You will need to create a profile in Realtime Nexus (The Digital Library for IT Pros) when you click the above link.
Courtesy: Realtime Nexus Virtualization Alerts