Can SSL Wildcards have multiple/nested levels of wildcard?

@Jessie594

Posted in: #SecurityCertificate

I know that an SSL wildcard certificate (*.example.org) can be used to support many names under the domain (a.example.org, b.example.org, c.example.org). I also know that the * is only good for matching a single level of name. That is, *.example.org will not work on a.b.example.org.

What if I used a certificate with the name *.*.example.org? I'd like to build a certificate with the following name configuration:

CN=example.org
subjectAltName=DNS:example.org, DNS:*.example.org, DNS:*.*.example.org, DNS:*.*.*.example.org


I've tried building a few like this as self-signed certificates, but I've not had good results. For example, Chrome tells me "Server's certificate does not match the URL."

Is it possible to have nested wildcards in a certificate, or do the popular browsers not support this?

Edit: I believe it's possible to build a cert like this: I've done so with OpenSSL. It just looks like browsers understand it. I was hoping for confirmation of that, or if I'm lucky, a "here's how you do it."

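The single-level wildcard rule described in the question, as an added example that is not part of the original post: a simplified Python matcher following the RFC 6125 rule that `*` is honoured only as the entire left-most label, run against the question's SAN list. The function names are hypothetical, and real TLS clients do more (IDNA handling, public-suffix checks).

```python
# Added illustration, not code from the thread. Simplified RFC 6125-style
# matching of a certificate dNSName entry against a requested hostname.

def san_matches(pattern: str, hostname: str) -> bool:
    """Return True if one SAN dNSName entry matches the requested hostname."""
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")
    # "*" is only honoured as the entire left-most label. A pattern with a
    # wildcard in any other label (e.g. "*.*.example.org") never matches.
    if any("*" in label for label in p_labels[1:]):
        return False
    # A wildcard stands for exactly one label, so label counts must be equal.
    if len(p_labels) != len(h_labels):
        return False
    if p_labels[0] == "*":
        # Conservative choice in this sketch: refuse wildcards that sit
        # directly under a top-level label, such as "*.org".
        return len(p_labels) > 2 and p_labels[1:] == h_labels[1:]
    if "*" in p_labels[0]:
        return False  # partial-label wildcards ("f*.example.org") not handled
    return p_labels == h_labels


def cert_matches(san_list, hostname):
    """Return the SAN entries that match hostname (empty list = mismatch)."""
    return [san for san in san_list if san_matches(san, hostname)]


# SAN list taken from the question above.
QUESTION_SANS = [
    "example.org",
    "*.example.org",
    "*.*.example.org",
    "*.*.*.example.org",
]

if __name__ == "__main__":
    hosts = ["example.org", "a.example.org", "a.b.example.org",
             "a.b.c.example.org"]
    for host in hosts:
        hits = cert_matches(QUESTION_SANS, host)
        print(f"{host:20} -> {hits or 'NO MATCH'}")
```

Under this rule only the first two SAN entries are ever usable: a.b.example.org needs its own entry such as *.b.example.org.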

1 Comments


@Kaufman445

Some SSL cert providers do something similar to this by providing a "subject alternative name" feature within their wildcard certs.

Digicert apparently does this but I'm not sure if Verisign does.
www.digicert.com/welcome/wildcard-plus.htm
