09-07-2012 03:45 AM
Hi,
I generated a wildcard certificate for my company type *. mycompany.com in a CSS 11501.
For the site sub-domain1.mycompany.com worked fine, for the site sub-domain2.sub-domain1.mycompany.com didn't worked.
I read on the web that should generate a wildcard certificate with subject alternative names. Is it possible in CSS? how can I do it?
Thank you very much,
Cláudio Soares
09-07-2012 04:04 AM
Hi,
The CSS is indifferent to the Common Name in an SSL certificate used for SSL termination,
so using a wildcard certificate would be no different than using a standard certificate.
If using the CSS to generate the Certificate Signing Request, just enter the Common
Name with the leading asterisk for the subdomain portion of the hostname. Example:
Common Name (your domain name) [www.mycompany.com]*.domain.com
The only difference in configuring SSL termination would be that you could
reuse the SSL certificate (in the ssl-proxy-list) for all the different vips that the
subdomains resolve to without having to worry about pop-up warnings on client's browsers
(example attached). Or, if your subdomains resolve to the same vip, the CSS configuration
wouldn't be any different.
Regards,
Siva
09-07-2012 04:10 AM
09-07-2012 04:26 AM
Hi,
If you are referring to Subject Alternative Name (SAN) SSL Certificates
then the CSS should support them as it is the client that has to verify
them correctly.
If it is issued with multiple names that resolve to same IP, if you
install the wildcard cert on the CSS should be able to successfully
terminate the SSL session.
-
Siva
09-07-2012 04:30 AM
How can i genetrate a certificate with SAN in CSS?
Regards,
Cláudio Soares
09-07-2012 09:36 AM
Hello Claudio,
Is not possible with the CSS
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide