Question

Generating CSR for multiple server

Posted February 2, 2015 5.4k views

Hello,
It’s time for me to renew my ssl certification.
I’ve decided to change from godaddy to rapidssl.
They are asking me for a csr, but nor I have multiple server.
Do I need to generate the csr from a particular server, or I can generate it from any server and it will work?

I have 2 apache/php server behind 2 haproxy server (all on debian).
The client connect throw the 2 haproxy server and the ssl will be hosted on them.

Thank you

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

1 answer

It is not necessary to generate the CSR on the server that will host the resulting certificate on as long as the key matches in the end. Though normally you would only have there cert on a single server unless it is a “wildcard” cert. Are the the two different HAProxy servers for the same domain?

This tutorial explains a fairly typical setup where a HAProxy server with the SSL cert sits in front of the rest of the infrastructure.

by Mitchell Anicas
HAProxy, which stands for High Availability Proxy, is a popular open source software TCP/HTTP Load Balancer and proxying solution. In this tutorial, we will go over how to use HAProxy for SSL termination, for traffic encryption, and for load balancing your web servers. We will also show you how to use HAProxy to redirect HTTP traffic to HTTPS. Native SSL support was implemented in HAProxy 1.5.x, which was released as a stable version in June 2014.
Submit an Answer