cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
510
Views
0
Helpful
2
Replies

CSS11506 - Wildcard cert ??

dclee
Level 1
Level 1

We have a need to terminate multiple SSL websites on our CSS. So name1.test.com

name2.test.com, name3.test.com etc. The problem I have found is that I need to burn 1 public VIP per SSL connection b/c they all need to use tcp 443 inbound and point to their respective cert on the CSS. Is there anyway to possibly generate a wildcard cert that matched only the last part of our domain name ( events.test.com = *.test.com ) and then get away with using only 1 VIP for the multiple sub domains ??

Thanks for your help.

Cheers

Dave

2 Replies 2

CSS can use wildcard certificate just as it uses typical server certificates.

If you are using the CSS to create the CSR, you would use a wildcard common name

- A "*" wildcard character MAY be used as the left-most name component in the certificate. For example, *.example.com would

match a.example.com, foo.example.com, etc. but would not match

example.com.

Syed

Thanks again, would this help me get away with using one VIP for the multiple sub domains ?

Essentially I would like to use one VIP with a wildcard cert for

a.example.com, foo.example.com, test.example.com.

Is this doable ? Its very doable using an Apache proxy server. I am just trying to port that functionality over to the CSS

Review Cisco Networking for a $25 gift card