ssl key

[handle789]

We have a unix box, called machine-1, with a web server application that uses the SSL protocol with private/public keys running on apache/1.3.33 and jakarta-tomcat-4.0.6.

We are doing a disaster recovery test and back up the software and data from machine-1 to a tape, then restore them to a second machine, machine-2. During the restoration process, machine-1 is shut down and off line. machine-2 will assume the identity of machine-1 with the same host name, IP address and network settings.

We are wondering if the web application using SSL still works when it is brought up on machine-2. Although the network settings remain the same, machine-2 has a different serial number from machine-1. Any idea if the SSL protocol may have an issue? Thanks.

 

[Diancecht]

Maybe this can help you: Installing SSL in Apache

Cheers,
Dian

 

[handle789]

Thank you. I read a little about the key generation before. But does the key generation use the machine serial number? If it does, then the restoration from tape to another machine with a different S/N may not work for ssl.

The ssl key was generated a few years ago for this web application by a consultant, and I wasn't here back then. No one here knows how the key was generated. How do I find out if the CSR was sent to a Certificate Authority and to whom, or if it was self-signed?

 

[Diancecht]

To be sincere, I have no idea.

You can always try installing the certificate in another machine and testing. I guess they SSL key isn't bounded to the machine anyway.

Cheers,
Dian