Difference between revisions of "Wildcard certificate"
Jump to navigation
Jump to search
↑ Wildcard SSL certificate limitation on QuovadisGlobal.com
↑ https://letsencrypt.org/docs/challenge-types/
↑ https://community.letsencrypt.org/t/acme-v2-and-wildcard-certificate-support-is-live/55579
Tags: Mobile web edit, Mobile edit |
|||
| (6 intermediate revisions by one other user not shown) | |||
| Line 7: | Line 7: | ||
* [[wikipedia:Wildcard certificate]]s do not valid for <code>*.example.com</code> or <code>www.example.com</code> and <code>example.com</code>. If you need a cert to work for example.com and <code>www.example.com</code>, you need to request a certificate with <code>[[subjectAltNames]]</code> so that you have "example.com" and "*.example.com". | * [[wikipedia:Wildcard certificate]]s do not valid for <code>*.example.com</code> or <code>www.example.com</code> and <code>example.com</code>. If you need a cert to work for example.com and <code>www.example.com</code>, you need to request a certificate with <code>[[subjectAltNames]]</code> so that you have "example.com" and "*.example.com". | ||
| − | * [[DNS-01 challenge]] must be used to issue/renew wilcard cerfificates, [[HTTP-01 challenge]] is not allowed<ref https://letsencrypt.org/docs/challenge-types/</ref> | + | * [[DNS-01 challenge]] must be used to issue/renew wilcard cerfificates, [[HTTP-01 challenge]] is not allowed<ref>https://letsencrypt.org/docs/challenge-types/</ref> only available via [[ACMEv2]] |
==Activities == | ==Activities == | ||
| − | * Use [[Let's Encrypt]] <code>[[certbot]]</code> to request a wildcard certificate | + | * Use [[Let's Encrypt]] <code>[[certbot]]</code> to request a wildcard certificate (since [[2018]]<ref>https://community.letsencrypt.org/t/acme-v2-and-wildcard-certificate-support-is-live/55579</ref>) |
| − | * Renews your wilcard certificate: <code>[[ | + | * Renews your wilcard certificate: <code>[[certbot renew]]</code> |
| + | |||
| + | == Related terms == | ||
| + | * RFC 2818 | ||
| + | * [[Wildcard DNS record]] | ||
== See also == | == See also == | ||
* {{HTTPS}} | * {{HTTPS}} | ||
* {{CA}} | * {{CA}} | ||
| − | * {{ | + | * {{TLS}} |
[[Category:IT Security]] | [[Category:IT Security]] | ||
Latest revision as of 08:43, 30 March 2023
wikipedia:Wildcard certificates
Limitations[edit]
- Only a single level of subdomain matching is supported in accordance with Template:IETF RFC.[1]
- wikipedia:Wildcard certificates do not valid for
*.example.comorwww.example.comandexample.com. If you need a cert to work for example.com andwww.example.com, you need to request a certificate withsubjectAltNamesso that you have "example.com" and "*.example.com".
- DNS-01 challenge must be used to issue/renew wilcard cerfificates, HTTP-01 challenge is not allowed[2] only available via ACMEv2
Activities[edit]
- Use Let's Encrypt
certbotto request a wildcard certificate (since 2018[3]) - Renews your wilcard certificate:
certbot renew
Related terms[edit]
- RFC 2818
- Wildcard DNS record
See also[edit]
- HTTP, HTTP client, HTTP/1.1, HTTP/2, HTTP/3, HTTPS, HSTS CSR, TLS, SSL,
openSSL, WebSockets, WebRTC,ssl_certificateQUIC, HPKP, CT, List of HTTP status codes, URL redirection, Content-type:, Webhook, HTTP headers,--insecure, Axios HTTP client, HTTP cookies, HTTP ETag, Hypertext Transfer Protocol -- HTTP/1.1 - CA, Root Certificates, FreeIPA, PKI, OpenCA, Wildcard certificate,
certtool,certbot(Let's Encrypt),certinfo(Cloudflare), ACME, Boulder,cfssl(Cloudflare), Public key certificate, public key, TLS and X.509, OCSP, Subject Alternative Name (SAN),openssl ca, Self signed certificate, CSR,keytool, ACM, KMS,aws acm, IdenTrust, multirootca, cert-manager, ca_cert_identifier - TLS, mTLS: OpenSSL, LibreSSL, BoringSSL, WolfSSL, X.509,
.pem, SNI, CT, OCSP, Mbed TLS, ALPN,your connection is not private, SSL Certificate Checker, Wildcard certificate, JA3 fingerprint, sslcan, TLS inspection
Advertising:
