SSL wildcard certificates and trailing 'www'

Posted by user173326 on Server Fault See other posts from Server Fault or by user173326
Published on 2013-07-03T14:56:49Z Indexed on 2013/07/03 17:08 UTC
Read the original article Hit count: 316

I've got a wildcard SSL certificate for *.mydomain.com.

I'm using nginx, and redirecting all traffic for http to https, and also rewriting the URLs without a trailing www (if there is one).

So it has,

1) http://subdomain.mydomain.com       ---> https://subdomain.mydomain.com 

2) http://www.subdomain.mydomain.com   ---> https://subdomain.mydomain.com 

3) https://www.subdomain.mydomain.com  ---> https://subdomain.mydomain.com

4) https://subdomain.mydomain.com      ---> https://subdomain.mydomain.com

However, since my cert is for *.mydomain.com, case 3 gets an SSL error in chrome ('This is probably not the site that you are looking for!'), but if you click through it gets redirected and all is well.

I understand why, since the initial connection is for https with a www (2 levels of subdomains), which doesn't match what is on the wildcard certificate.

I thought a solution would be to get an additional cert for *.*.mydomain.com to cover www.*.mydomain.com. But it seems like that won't work. I spoke to agents from namecheap and comodo, and both said *.*.mydomain.com was not possible. I also came across this: https://support.quovadisglobal.com/KB/a60/will-ssl-work-with-multilevel-wildcards.aspx

Is there a solution to this? To be able to cover www.*.mydomain.com?

© Server Fault or respective owner

Related posts about nginx

Related posts about ssl