Difference between revisions of "Wildcard certificate"
Jump to navigation
Jump to search
↑ Wildcard SSL certificate limitation on QuovadisGlobal.com
Tags: Mobile web edit, Mobile edit |
Tags: Mobile web edit, Mobile edit |
||
| Line 1: | Line 1: | ||
| − | [[wikipedia:Wildcard certificate]]s do not valid for <code>*.example.com</code> or <code>www.example.com</code> and <code>example.com</code>. If you need a cert to work for example.com and <code>www.example.com</code>, you need to request a certificate with <code>[[subjectAltNames]]</code> so that you have "example.com" and "*.example.com". | + | [[wikipedia:Wildcard certificate]]s |
| + | |||
| + | |||
| + | ==Limitations== | ||
| + | * Only a single level of [[subdomain]] matching is supported in accordance with {{IETF RFC|2818}}.<ref>[https://support.quovadisglobal.com/KB/a60/will-ssl-work-with-multilevel-wildcards.aspx?KBSearchID=10223 Wildcard SSL certificate limitation on QuovadisGlobal.com]</ref> | ||
| + | |||
| + | * [[wikipedia:Wildcard certificate]]s do not valid for <code>*.example.com</code> or <code>www.example.com</code> and <code>example.com</code>. If you need a cert to work for example.com and <code>www.example.com</code>, you need to request a certificate with <code>[[subjectAltNames]]</code> so that you have "example.com" and "*.example.com". | ||
Revision as of 17:32, 27 March 2020
wikipedia:Wildcard certificates
Limitations
- Only a single level of subdomain matching is supported in accordance with Template:IETF RFC.[1]
- wikipedia:Wildcard certificates do not valid for
*.example.comorwww.example.comandexample.com. If you need a cert to work for example.com andwww.example.com, you need to request a certificate withsubjectAltNamesso that you have "example.com" and "*.example.com".
Activities
- Use
certbotto request a wildcard certificate
See also
- HTTP, HTTP client, HTTP/1.1, HTTP/2, HTTP/3, HTTPS, HSTS CSR, TLS, SSL,
openSSL, WebSockets, WebRTC,ssl_certificateQUIC, HPKP, CT, List of HTTP status codes, URL redirection, Content-type:, Webhook, HTTP headers,--insecure, Axios HTTP client, HTTP cookies, HTTP ETag - CA, Root Certificates, FreeIPA, PKI, OpenCA, Wildcard certificate,
certtool,certbot(Let's Encrypt),certinfo(Cloudflare), ACME, Boulder,cfssl(Cloudflare), Public key certificate, public key, TLS and X.509, OCSP, Subject Alternative Name (SAN),openssl ca, Self signed certificate, CSR,keytool, ACM, KMS,aws acm, IdenTrust, multirootca, cert-manager, ca_cert_identifier - DNS: Linux DNS, IP,
systemd-resolve,/etc/hosts,whois, Domain registrar,dig,host,nslookup,scutil --dnsdnsmasq,bind,delv,.local,.internal, .onion, FQDN, TTL,/etc/resolv.conf,/etc/systemd/resolved.conf,dscacheutil(macOS),hostname, hostnamectl,bind,resolvectl status, DNS sinkhole, Domain name server, LLMNR, Resource records:MX, TXT, NS, CAA, SSHFP, Apex, CNAME, Wildcard DNS records, Subdomain, /etc/nsswitch.conf,1.1.1.1,8.8.8.8, CoreDNS, dnsPolicy:, Google Public DNS, DNS caches, Kubernetes ExternalDNS, DNS forwarding, IDNA2008, DNS-1035, Domain name registrars, Split-view DNS, Pi-hole, NextDNS
Advertising:
