Solved

wildcard certificate by certification authority

Posted on 2013-12-24
7
339 Views
Last Modified: 2014-01-13
hello experts.
i want to create certificate for multiple subdomains for one domain.
i try to use the link  http://technet.microsoft.com/en-us/library/ff625722(v=ws.10).aspx#BKMK_Security   but have one problem.
i cant create request for web server
please see the attached file
0
Comment
Question by:ameriaadmin
  • 4
  • 3
7 Comments
 

Author Comment

by:ameriaadmin
Comment Utility
and is there is a method for creating one certificate for one domain   example.com  and   *.example.com ?
0
 
LVL 29

Expert Comment

by:Rich Weissler
Comment Utility
Yes, example.com would be different from *.example.com.
To create the CSR for the wildcard cert, I'd use certreq, generating an INF file with the wildcard subject.
The wildcards I've used in the past, however, haven't seen able to bridge more than one level in the heirarchy.  (So, for example, *.example.com would be okay with host one.example.com, but I'd get a certificate error contacting host.one.example.com.)
0
 

Author Comment

by:ameriaadmin
Comment Utility
we generate a request for *.example.com. and now when we use it have certificate error on example.com and all is ok with subdomains.   https://some.example.com works ok and https://example.com with certificate error.
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 29

Assisted Solution

by:Rich Weissler
Rich Weissler earned 500 total points
Comment Utility
*wince*  Yes, that meshes with what I've seen with wildcard certificates as well.  example.com doesn't match the rule established by *.example.com...  You'd need a 'not-wildcard' for example.com.
0
 

Author Comment

by:ameriaadmin
Comment Utility
i have a not wildcard for example.com but i need to run all the websites on one server on one port (443).
how can i solve the issue?
0
 
LVL 29

Accepted Solution

by:
Rich Weissler earned 500 total points
Comment Utility
If it HAS to be on the same port, the only solution I've found has been to add a second IP address to the same server, and bind that IP address with the certificate to 443 for the one website that requires the not-wildcard certificate.
0
 

Author Closing Comment

by:ameriaadmin
Comment Utility
i solve the problem using another port, and with sub domain, and redirect parent domain (without secure connection) to child domain (with ssl)
0

Featured Post

Are end users causing IT problems again?

You’ve taken the time to design and update all your end user’s email signatures, only to find out they’re messing up the HTML, changing the font and ruining the imagery. What can you do to prevent this? Find out how you can save your signatures from end users today.

Join & Write a Comment

Recently Microsoft released a brand new function called CONCAT. It's supposed to replace its predecessor CONCATENATE. But how does it work? And what's new? In this article, we take a closer look at all of this - we even included an exercise file for…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now