How to secure both root domain and wildcard subdomains with one SSL cert?
Posted
by
Question Overflow
on Server Fault
See other posts from Server Fault
or by Question Overflow
Published on 2012-09-30T07:18:35Z
Indexed on
2012/09/30
9:39 UTC
Read the original article
Hit count: 263
I am trying to generate a self-signed SSL certificate to secure both example.com
and *.example.com
. Looking at the answers to this and this questions, there seems to be an equal number of people agreeing and disagreeing whether this could be done. However, the website from a certification authority seems to suggest that it could be done.
Currently, these are the changes added to my openssl configuration file:
[req]
req_extensions = v3_req
[req_distinguished_name]
commonName = example.com
[v3_req]
subjectAltName = @alt_names
[alt_names]
DNS.1 = example.com
DNS.2 = *.example.com
I tried the above configuration and generated a certificate. When navigating to https://example.com
, it produces the usual warning that the cert is "self-signed". After acceptance, I navigate to https://abc.example.com
and an additional warning is produced, saying that the certificate is only valid for example.com
.
The certificate details only listed example.com
in the certificate hierarchy with no signs of any wildcard subdomain being present.
I am not sure whether this is due to a misconfiguration or that the common name should have a wildcard or that this could not be done.
© Server Fault or respective owner