• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 519
  • Last Modified:

SSL certificate is wildcard and non-windows browsers show as invalid certificate

Our mail exchange administrator via GoDaddy purchased our SSL certificates as *.companyname.com

instead of servername.companyname.com

I can see the reasoning so that the certificate can toggle between various servers, yet FireFox and Safari browsers cannot identify the trusted certificate *.companyname.com with the sites defined servername.

Somewhere I read that via PowerShell in Exchange we can run a command so that *.companyname.com reflects as a trusted certificate
0
PROJHOPE
Asked:
PROJHOPE
  • 2
  • 2
2 Solutions
 
danengleCommented:
You need to ensure those non-windows browsers have godaddy.com added as a trusted root CA.

http://en.wikipedia.org/wiki/Certificate_authority
http://en.wikipedia.org/wiki/Root_certificate
0
 
fgrushevskyCommented:
we use wildcard certificates with no problem , the Firefox that I am using identifies certificates as valid "SSL Server Certificate". where exactly do you see as "non trusted" when you use FF?
0
 
PROJHOPEAuthor Commented:
I am on the new Firefox 3.0 and trying to get to our sharepoint site I am stopped when I enter in the URL and hit enter

I do not get the pop up to allow or trust.  

I went to the Exchange server I exported the Trusted GoDaddy Ceritificate and also the private key (pfx)

In Firefox I went to preferences security and tried to import the Trusted GoDaddy.cer file...stated it already existed...

Ok so it isn't GoDaddy but our servers...so I go to Personal and import the private key

Successful.  When I close and reopen the browser I am shown again the untrusted certificate.


0
 
danengleCommented:
when you close and reopen the browser, is the private key still present?  

Did you upgrade to FF3.0 from an older version or a clean install?  If upgrade, try a clean install and see if that remedies the situation.  It's possible some setting from the old version isn't working properly.  
0
 
PROJHOPEAuthor Commented:
The problem is our *.companyname.  We are a mixed environment and thus to keep everyone happy we are going to pay the $30.00 to get server specific SSL certificates.

Thanks All
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now