cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Community Helping Community

661
Views
0
Helpful
1
Replies
Highlighted
Beginner

CSS 11501 using wildcard certificates

Hello,

I'm about to switch to wildcard certificates in a CSS 11501, however there are some doubts that I would like to clarify:

- When generating the CSR can i use *.mycompany.com for CN ?

- Should the CSR be generated only once or every time i need to create a new content rule i need to generate it?

     - If only once can I associate multiple filenames with only one certificate?

          ssl associate cert myrsacert1 certificate.pem; ssl associate cert myrsacert2 certificate.pem...

Thanks for your help,

Best regards,

Claudio

1 ACCEPTED SOLUTION

Accepted Solutions
Participant

CSS 11501 using wildcard certificates

Hello Claudio,

- When generating the CSR can i use *.mycompany.com for CN?

Yes that will take care of any subdomain you need... something that you need to consider is that this wilcard will cover site like cars.mycompany.com or shop.mycompany.com but if you have a site that looks like ftp.shop.mycompany.com then you'll need a wildcard that looks like *.*.mycompany.com.

The CSR is generated only once and from there you send it to your CA to have signed off.

Not sure I fully understood your second question, once you received the cert and key whether in PFX or PEM format from your CA, you'll upload these to your CSS using FTP and then associate the file(s) to a name that is only meaningful to the SSL proxy list within your CSS.

HTH

__ __

Pablo

View solution in original post

1 REPLY 1
Participant

CSS 11501 using wildcard certificates

Hello Claudio,

- When generating the CSR can i use *.mycompany.com for CN?

Yes that will take care of any subdomain you need... something that you need to consider is that this wilcard will cover site like cars.mycompany.com or shop.mycompany.com but if you have a site that looks like ftp.shop.mycompany.com then you'll need a wildcard that looks like *.*.mycompany.com.

The CSR is generated only once and from there you send it to your CA to have signed off.

Not sure I fully understood your second question, once you received the cert and key whether in PFX or PEM format from your CA, you'll upload these to your CSS using FTP and then associate the file(s) to a name that is only meaningful to the SSL proxy list within your CSS.

HTH

__ __

Pablo

View solution in original post

CreatePlease to create content
Content for Community-Ad
FusionCharts will render here