Solved

Create a CSR without fully qualified domain name?

Posted on 2008-10-23
4
693 Views
Last Modified: 2010-04-21
I'm working on creating a self-signed SSL certificate and wondering if it is possible to create the CSR using an IP Address as the Common Name instead of a domain name. Is this possible?
0
Comment
Question by:yamabob217
  • 2
4 Comments
 
LVL 50

Accepted Solution

by:
Steve Bink earned 100 total points
ID: 22786467
I suppose you could, but that means anyone not browsing to your IP would receive a warning about a certificate mismatch.  That might not be a problem for you, since they'll already be receiving a warning about a self-signed certificate.

If you want a single certificate to answer to multiple domains, you need a wildcard certificate.  Those are useful in cases where you have a.mydomain.com and b.mydomain.com, and don't want to pay for two certificates.
0
 
LVL 31

Assisted Solution

by:Paranormastic
Paranormastic earned 25 total points
ID: 22789472
Yes, you can.  As noted above, browsing to anything but the IP would give the error, but I'm guessing you know that.  

To correct above note, wildcards are for multiple sites inthe same domain, e.g. *.domain.com, not multiple domains.  If you want multiple things, e.g. IP address, hostname, and FQDN, you could look for a multi-domain cert, a.k.a. UCC cert from a commercial vendor.  If using your own CA, use the SAN: attribute to specify additional names in the Attributes field when submitting via certsrv page, or can use SAN when submitting via certreq.  Most apps only allow for one name when creating the CSR, although there are a few out there (sorry don't remember which offhand, but to my knowledge IIS is not one of them) that do allow for creating the SAN in the CSR also.
0
 
LVL 50

Expert Comment

by:Steve Bink
ID: 22789789
>>> To correct above note, wildcards are for multiple sites inthe same domain

That's actually what I meant.  Thanks for the clarification.  :)
0
 

Author Closing Comment

by:yamabob217
ID: 31509189
Thanks so much for the help!
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

We've all had that page pop up telling us there is a problem with the certificate and some of us continue on anyways and others run away to a safer competing site.  But what to do when you get the error - is it your problem or theirs?  What can you …
So you need a certificate so you can offer SSL encryption.  But which one should you get?  There are so many choices out there! Here is a generic overview of the main types of SSL certificates sold by the majority of commercial Certification Auth…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now