ssl - Is a Wildcard SAN certificate possible? -


is possible secure multiple domains single certificate using wildcard domains , san?

for example, 1 san certificate secures both *.domain1.com , *.domain2.com?

everything have read far seems indicate can have either wildcard certificate (*.domain1.com) or san certificate (host1.domain1.com, host2.domain2.com), not combination. correct?

i assume use want use certificate http. in case need @ rfc 2818. rfc defines common name should used if no subject alternative names configured, allows wildcards certificates in san extension. should possible combine several non-wildcard , wildcard certificates inside san part of certificate.

it looks various cas have different policies creating certificates mixing wildcard , non-wildcard: while thawte argues mixing not possible (https://community.thawte.com/blog-posts/difference-between-wildcard-ssl-vs-san-certificate) digicert propagates best of both worlds (http://www.digicert.com/ssl-support/wildcard-san-names.htm). seems more limitation of cas , not of browsers , not of standard.


Comments

Popular posts from this blog

php - regexp cyrillic filename not matches -

c# - OpenXML hanging while writing elements -

sql - Select Query has unexpected multiple records (MS Access) -