Difference between revisions of "Wildcard certificate"

From wikieduonline
Jump to navigation Jump to search
 
(14 intermediate revisions by one other user not shown)
Line 1: Line 1:
Wildcard certificates do not valid for <code>*.example.com</code> or <code>www.example.com</code> and <code>example.com</code>. If you need a cert to work for example.com and www.example.com, you need to request a certificate with <code>[[subjectAltNames]]</code> so that you have "example.com" and "*.example.com".
+
[[wikipedia:Wildcard certificate]]s
  
  
 +
==Limitations==
 +
* Only a single level of [[subdomain]] matching is supported in accordance with {{IETF RFC|2818}}.<ref>[https://support.quovadisglobal.com/KB/a60/will-ssl-work-with-multilevel-wildcards.aspx?KBSearchID=10223 Wildcard SSL certificate limitation on QuovadisGlobal.com]</ref>
 +
 +
* [[wikipedia:Wildcard certificate]]s do not valid for <code>*.example.com</code> or <code>www.example.com</code> and <code>example.com</code>. If you need a cert to work for example.com and <code>www.example.com</code>, you need to request a certificate with <code>[[subjectAltNames]]</code> so that you have "example.com" and "*.example.com".
 +
 +
* [[DNS-01 challenge]] must be used to issue/renew wilcard cerfificates, [[HTTP-01 challenge]] is not allowed<ref>https://letsencrypt.org/docs/challenge-types/</ref> only available via [[ACMEv2]]
 +
 +
==Activities ==
 +
* Use [[Let's Encrypt]] <code>[[certbot]]</code> to request a wildcard certificate (since [[2018]]<ref>https://community.letsencrypt.org/t/acme-v2-and-wildcard-certificate-support-is-live/55579</ref>)
 +
* Renews your wilcard certificate: <code>[[certbot renew]]</code>
 +
 +
== Related terms ==
 +
* RFC 2818
 +
* [[Wildcard DNS record]]
  
 
== See also ==
 
== See also ==
 
* {{HTTPS}}
 
* {{HTTPS}}
* {{DNS}}
+
* {{CA}}
 +
* {{TLS}}
  
 
[[Category:IT Security]]
 
[[Category:IT Security]]

Latest revision as of 08:43, 30 March 2023

wikipedia:Wildcard certificates


Limitations[edit]

  • wikipedia:Wildcard certificates do not valid for *.example.com or www.example.com and example.com. If you need a cert to work for example.com and www.example.com, you need to request a certificate with subjectAltNames so that you have "example.com" and "*.example.com".

Activities[edit]

Related terms[edit]

See also[edit]

  • Wildcard SSL certificate limitation on QuovadisGlobal.com
  • https://letsencrypt.org/docs/challenge-types/
  • https://community.letsencrypt.org/t/acme-v2-and-wildcard-certificate-support-is-live/55579
  • Advertising: