SSL Certificate purchase

Hi guys

I am going to be buying a multi-EV domain SSL certificate. This domain will have quite a few sub-domains. When i want to create the certificate request on the server, in the common name section, do I just put in the domain name only? So would I put 'contoso.com'? And not '*.contoso.com'. I assume i would only put an asterisk if it was going to be a wildcard ssl right?

Thanks for helping
Yash
LVL 1
YashyAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Prabhin MPEngineer-TechOPSCommented:
*.domain.com for wild card which can be used for any hosts under domain.com

domain.com - it works for only for this host
1
MAS (MVE)EE Solution Guide - Technical Dept HeadCommented:
Hi Yashy,
*.contoso.com is used for wildcard certificate. If you are planning to use for all subdomain I recommend to buy wildcard. Please check this for cheap certificates.
if you are buying multiidomain you give domain.com or www.domain.com common name and the others names as SANs(Subject to Alternative Names).
If you are buying for Exchange server or Skype you can give mail.domain.com/Skype.domain.com as common and rest as SANs.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Prabhin MPEngineer-TechOPSCommented:
For example, if your certificate is for *.domain.com, it will secure subdomains of the same level.
0
Do You Have a Trusted Wireless Environment?

A Trusted Wireless Environment is a framework for building a complete Wi-Fi network that is fast, easy to manage, and secure.

MAS (MVE)EE Solution Guide - Technical Dept HeadCommented:
Agree with Prabhin with the above statement.
it will secure whatevername.domain.com
0
YashyAuthor Commented:
So I should basically just create a certificate request with '*.contoso.com' in the Common Name section. Then I can add the SAN's on the providers site.
0
MAS (MVE)EE Solution Guide - Technical Dept HeadCommented:
0
Prabhin MPEngineer-TechOPSCommented:
Common name as *.domain.com
0
Chinmay PatelChief Technical NinjaCommented:
Hi Yashy,

I am not sure if you have heard of https://letsencrypt.org/ which allows you to issue free Wildcard SSL or whether their certificates serve your purpose(you have to renew them at a regular interval - which can be automated using free tool available at https://letsencrypt.org/getting-started/).

Regards,
Chinmay.
0
David Johnson, CD, MVPOwnerCommented:
multi-EV domain SSL certificate AFAIK you cannot purchase a wildcard Extended Validation SSL Certificate.  There is a multi-domain EV certificate but all of the domains must be included in the SAN area of the certificate request.
0
YashyAuthor Commented:
So in the end, I had to enter just the domain.com into the 'Common name' section. Then in the SAN's area with your provider, you list all of the sub-domains. So if my domain was 'contoso.com', in the Common name would be 'contoso.com'. Then once I have created the CSR, in the area where I can put SAN's, you would put 'mail.contoso.com', 'ftp.contoso.com' and so on.

I couldn't use *.contoso.com as that would not be valid for an EV SSL, but only for Wildcard SSL.

Thank you all for helping. I appreciate it.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
SSL / HTTPS

From novice to tech pro — start learning today.