Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
953
Views
0
Helpful
1
Replies

CSS 11501 using wildcard certificates

Go to solution
comunicacoes
Level 1
Level 1

‎09-29-2011 06:49 AM

Hello,

I'm about to switch to wildcard certificates in a CSS 11501, however there are some doubts that I would like to clarify:

- When generating the CSR can i use *.mycompany.com for CN ?

- Should the CSR be generated only once or every time i need to create a new content rule i need to generate it?

     - If only once can I associate multiple filenames with only one certificate?

          ssl associate cert myrsacert1 certificate.pem; ssl associate cert myrsacert2 certificate.pem...

Thanks for your help,

Best regards,

Claudio

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
pablo.nxh
Level 3
Level 3

‎09-29-2011 10:51 AM

Hello Claudio,

- When generating the CSR can i use *.mycompany.com for CN?

Yes that will take care of any subdomain you need... something that you need to consider is that this wilcard will cover site like cars.mycompany.com or shop.mycompany.com but if you have a site that looks like ftp.shop.mycompany.com then you'll need a wildcard that looks like *.*.mycompany.com.

The CSR is generated only once and from there you send it to your CA to have signed off.

Not sure I fully understood your second question, once you received the cert and key whether in PFX or PEM format from your CA, you'll upload these to your CSS using FTP and then associate the file(s) to a name that is only meaningful to the SSL proxy list within your CSS.

HTH

__ __

Pablo

View solution in original post

0 Helpful
1 Reply 1

Go to solution
pablo.nxh
Level 3
Level 3

‎09-29-2011 10:51 AM

Hello Claudio,

- When generating the CSR can i use *.mycompany.com for CN?

Yes that will take care of any subdomain you need... something that you need to consider is that this wilcard will cover site like cars.mycompany.com or shop.mycompany.com but if you have a site that looks like ftp.shop.mycompany.com then you'll need a wildcard that looks like *.*.mycompany.com.

The CSR is generated only once and from there you send it to your CA to have signed off.

Not sure I fully understood your second question, once you received the cert and key whether in PFX or PEM format from your CA, you'll upload these to your CSS using FTP and then associate the file(s) to a name that is only meaningful to the SSL proxy list within your CSS.

HTH

__ __

Pablo

0 Helpful
Customers Also Viewed These Support Documents