Solved

Create a CSR without fully qualified domain name?

Posted on 2008-10-23
4
700 Views
Last Modified: 2010-04-21
I'm working on creating a self-signed SSL certificate and wondering if it is possible to create the CSR using an IP Address as the Common Name instead of a domain name. Is this possible?
0
Comment
Question by:yamabob217
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 51

Accepted Solution

by:
Steve Bink earned 100 total points
ID: 22786467
I suppose you could, but that means anyone not browsing to your IP would receive a warning about a certificate mismatch.  That might not be a problem for you, since they'll already be receiving a warning about a self-signed certificate.

If you want a single certificate to answer to multiple domains, you need a wildcard certificate.  Those are useful in cases where you have a.mydomain.com and b.mydomain.com, and don't want to pay for two certificates.
0
 
LVL 31

Assisted Solution

by:Paranormastic
Paranormastic earned 25 total points
ID: 22789472
Yes, you can.  As noted above, browsing to anything but the IP would give the error, but I'm guessing you know that.  

To correct above note, wildcards are for multiple sites inthe same domain, e.g. *.domain.com, not multiple domains.  If you want multiple things, e.g. IP address, hostname, and FQDN, you could look for a multi-domain cert, a.k.a. UCC cert from a commercial vendor.  If using your own CA, use the SAN: attribute to specify additional names in the Attributes field when submitting via certsrv page, or can use SAN when submitting via certreq.  Most apps only allow for one name when creating the CSR, although there are a few out there (sorry don't remember which offhand, but to my knowledge IIS is not one of them) that do allow for creating the SAN in the CSR also.
0
 
LVL 51

Expert Comment

by:Steve Bink
ID: 22789789
>>> To correct above note, wildcards are for multiple sites inthe same domain

That's actually what I meant.  Thanks for the clarification.  :)
0
 

Author Closing Comment

by:yamabob217
ID: 31509189
Thanks so much for the help!
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We've all had that page pop up telling us there is a problem with the certificate and some of us continue on anyways and others run away to a safer competing site.  But what to do when you get the error - is it your problem or theirs?  What can you …
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question