wildcard certificate

Hi Experts,

we are using a wildcard cert for our domain and the external connections to our webservers.
The cert is :    *.domain.at
Now we have one cert which expires in one week -> day.domain.at

How to renew this cert in IIS ?
Or do I have to order a new one ?
How to create a cert out of the wildcard cert ?
Eprs_AdminSystem ArchitectAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
Dan McFaddenConnect With a Mentor Systems EngineerCommented:
Just because a cert is in the certificate store, does not mean it is being used.  You can verify what cert the site is using thru a browser (as you did) and thru IIS Manager as well.  I would recommend looking in IIS Manager and verifying your findings from your browser test.

Either way, if the dates you listed above are real, I would renew your wildcard immediately.  Since you have a wildcard cert that is valid for *.domain.at, I would let the site.domain.at cert expire.  It is not needed because your wildcard covers that device.

Dan
0
 
Dan McFaddenSystems EngineerCommented:
The reason for using a wildcard certificate is that you can use the cert for multiple applications under a single domain name, for example:  domain.at.  This means that any host under "domain.at" can be secured using this wildcard certificate.

If you have a host named "day" belonging to "domain.at" and it is using a wildcard cert for *.domain.at AND the cert for this domain is expiring soon, then the cert for all objects/devices/applications using the *.domain.at cert will soon expire.

If you have a certificate configured for day.domain.at that is expiring, then the host is either:

1. not using the wildcard cert for *.domain.at and you need to renew the cert configured for day.domain.at
- or -
2. using the wildcard cert which is about to expire and you need to renew the wildcard cert

Usually the Certificate Authority you purchased you wildcard cert from (eg: VeriSign, Thawte, GoDaddy, DigiCert, etc) has detailed instructions on how to go about renewing an existing certificate purchased thru them.

Where did your company purchase their cert from?

Dan
0
 
Eprs_AdminSystem ArchitectAuthor Commented:
I have taken over this config.

For me is strange I have a cert called : site.domain.at
For this site I have a cert. On the the IIS I check the cert store and it will expire on 13.9.2014

When I go to IE and type the homepage of site.domain.at and I check the cert here,
then it is written :

Issued to: *.domain.at
Issued by: EssentialSSL CA -> COMODO
Valid to: 10.10.2014

Which one I have to renew now ?
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
Eprs_AdminSystem ArchitectAuthor Commented:
OK then I renew it quickly...
0
 
Suliman Abu KharroubIT Consultant Commented:
Check is the website in the IIS is using the wild cared certificate , from the binding windows, https--> select the correct certificate.
0
 
Eprs_AdminSystem ArchitectAuthor Commented:
yes it is selected in the https bindings
0
 
Dan McFaddenSystems EngineerCommented:
If you are confident that all your websites are using the wildcard certificate, then after renewing it and reinstalling it on your web server, you should be fine.  You will have to select the renewed cert in order for the sites to get the update.

Dan
0
 
Eprs_AdminSystem ArchitectAuthor Commented:
ok I have created the CSR and sent it now to the company to get the cert.
0
All Courses

From novice to tech pro — start learning today.