Generic Web app SSL

[Harry Simpson]

Company A has a web app product. They sell it to 10 other companies and
wish several of the pages to be secure. Once the product is placed on these
client's servers, how can the certificate be attached to the software
instead of to the client's servers. I realize that the client server will
at least have to have SSL turned on but is there a way for Company A to have
one certificate and basically sell the "use" of the cert with the public key
and have the private key embedded in the software itself?

TIA
Harry

 

[Ken Schaefer]

As I understand your request, the answer is:

Um no.

A Server Certificate needs to have the name of the server embedded in it.
Otherwise the user gets an error saying that the SSL certificate's name does
not match the name of the server they are connecting to. (one of the
purposes of an SSL cert is to certify that you are actually connected to
www.amazon.com not some impersonator who's managed to poison the DNS to
redirect requests to their rogue site).

Cheers
Ken

: Company A has a web app product. They sell it to 10 other companies and
: wish several of the pages to be secure. Once the product is placed on
these
: client's servers, how can the certificate be attached to the software
: instead of to the client's servers. I realize that the client server will
: at least have to have SSL turned on but is there a way for Company A to
have
: one certificate and basically sell the "use" of the cert with the public
key
: and have the private key embedded in the software itself?
:
: TIA
: Harry
:
: