Solved

Wild Card Certs

Posted on 2014-07-20
4
340 Views
Last Modified: 2014-07-21
Is it possible to generate a specific named certicate from a wild card Public certificate? For example, if I already have *.Domain.com being used, can I use IIS to create another cert with a specific name such as PC1.Domain.com or SRV.Domain.com ?  (Without having to contact the Public CA)

Your thoughts please...
0
Comment
Question by:K Anthony O365
4 Comments
 
LVL 77

Assisted Solution

by:arnold
arnold earned 166 total points
ID: 40208198
No.  The whole point of a wild car certificates is that the certificate can be used with multiple names.
Create a new site, and the under the SSL configuration, assign the existing certificate (if it is on a different system, you need to export it including the private key, then import it on this system.)

Have not looked at it recently, but IIS did not use to support wildcard certificates; one had to use certificates with predefined names in the CSR.

An option might be to use a squid proxy in a reverse configuration on which the SSL connection will terminate and the request will be sent to the IIS server on port 80.
0
 
LVL 29

Accepted Solution

by:
becraig earned 167 total points
ID: 40208200
No you cannot, however you can simply export the same wild card certificate and private key in a pfx container  and use for whatever you need to on the target machine / service.
0
 
LVL 33

Assisted Solution

by:Dave Howe
Dave Howe earned 167 total points
ID: 40208422
Seconded (thirded?)
The whole point of a *.domain.com is it covers xxxx.domain.com for any variant of xxx - so pc1.domain.com or srv.domain.com.
A cert that can cover more than one named host is called a SAN (subject alternative name) and has to be purchased with the list of names already present.

what you are describing is an Name Constraint Intermediate CA certificate, and those are very very expensive.
0
 

Author Closing Comment

by:K Anthony O365
ID: 40208866
Thanks for your comments Gentlemen! You verified what I was thinking.
0

Featured Post

Give your grad a cloud of their own!

With up to 8TB of storage, give your favorite graduate their own personal cloud to centralize all their photos, videos and music in one safe place. They can save, sync and share all their stuff, and automatic photo backup helps free up space on their smartphone and tablet.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Add Server Certificate in IIS from C# 6 105
Error viewing ASP page 12 148
ASP.Net Session State alternatives 3 57
Cannot upload files above 1mb IIS7 11 39
SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now