[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 370
  • Last Modified:

wildcard certificate by certification authority

hello experts.
i want to create certificate for multiple subdomains for one domain.
i try to use the link  http://technet.microsoft.com/en-us/library/ff625722(v=ws.10).aspx#BKMK_Security   but have one problem.
i cant create request for web server
please see the attached file
0
ameriaadmin
Asked:
ameriaadmin
  • 4
  • 3
2 Solutions
 
ameriaadminAuthor Commented:
and is there is a method for creating one certificate for one domain   example.com  and   *.example.com ?
0
 
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
Yes, example.com would be different from *.example.com.
To create the CSR for the wildcard cert, I'd use certreq, generating an INF file with the wildcard subject.
The wildcards I've used in the past, however, haven't seen able to bridge more than one level in the heirarchy.  (So, for example, *.example.com would be okay with host one.example.com, but I'd get a certificate error contacting host.one.example.com.)
0
 
ameriaadminAuthor Commented:
we generate a request for *.example.com. and now when we use it have certificate error on example.com and all is ok with subdomains.   https://some.example.com works ok and https://example.com with certificate error.
0
Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

 
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
*wince*  Yes, that meshes with what I've seen with wildcard certificates as well.  example.com doesn't match the rule established by *.example.com...  You'd need a 'not-wildcard' for example.com.
0
 
ameriaadminAuthor Commented:
i have a not wildcard for example.com but i need to run all the websites on one server on one port (443).
how can i solve the issue?
0
 
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
If it HAS to be on the same port, the only solution I've found has been to add a second IP address to the same server, and bind that IP address with the certificate to 443 for the one website that requires the not-wildcard certificate.
0
 
ameriaadminAuthor Commented:
i solve the problem using another port, and with sub domain, and redirect parent domain (without secure connection) to child domain (with ssl)
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now