?
Solved

Create a CSR without fully qualified domain name?

Posted on 2008-10-23
4
Medium Priority
?
701 Views
Last Modified: 2010-04-21
I'm working on creating a self-signed SSL certificate and wondering if it is possible to create the CSR using an IP Address as the Common Name instead of a domain name. Is this possible?
0
Comment
Question by:yamabob217
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 51

Accepted Solution

by:
Steve Bink earned 400 total points
ID: 22786467
I suppose you could, but that means anyone not browsing to your IP would receive a warning about a certificate mismatch.  That might not be a problem for you, since they'll already be receiving a warning about a self-signed certificate.

If you want a single certificate to answer to multiple domains, you need a wildcard certificate.  Those are useful in cases where you have a.mydomain.com and b.mydomain.com, and don't want to pay for two certificates.
0
 
LVL 31

Assisted Solution

by:Paranormastic
Paranormastic earned 100 total points
ID: 22789472
Yes, you can.  As noted above, browsing to anything but the IP would give the error, but I'm guessing you know that.  

To correct above note, wildcards are for multiple sites inthe same domain, e.g. *.domain.com, not multiple domains.  If you want multiple things, e.g. IP address, hostname, and FQDN, you could look for a multi-domain cert, a.k.a. UCC cert from a commercial vendor.  If using your own CA, use the SAN: attribute to specify additional names in the Attributes field when submitting via certsrv page, or can use SAN when submitting via certreq.  Most apps only allow for one name when creating the CSR, although there are a few out there (sorry don't remember which offhand, but to my knowledge IIS is not one of them) that do allow for creating the SAN in the CSR also.
0
 
LVL 51

Expert Comment

by:Steve Bink
ID: 22789789
>>> To correct above note, wildcards are for multiple sites inthe same domain

That's actually what I meant.  Thanks for the clarification.  :)
0
 

Author Closing Comment

by:yamabob217
ID: 31509189
Thanks so much for the help!
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

So you need a certificate so you can offer SSL encryption.  But which one should you get?  There are so many choices out there! Here is a generic overview of the main types of SSL certificates sold by the majority of commercial Certification Auth…
#SSL #TLS #Citrix #HTTPS #PKI #Compliance #Certificate #Encryption #StoreFront #Web Interface #Citrix XenApp
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question