ssl - Is a Wildcard SAN certificate possible? -
is possible secure multiple domains single certificate using wildcard domains , san?
for example, 1 san certificate secures both *.domain1.com , *.domain2.com
?
everything have read far seems indicate can have either wildcard certificate (*.domain1.com) or san certificate (host1.domain1.com, host2.domain2.com), not combination. correct?
i assume use want use certificate http. in case need @ rfc 2818. rfc defines common name should used if no subject alternative names configured, allows wildcards certificates in san extension. should possible combine several non-wildcard , wildcard certificates inside san part of certificate.
it looks various cas have different policies creating certificates mixing wildcard , non-wildcard: while thawte argues mixing not possible (https://community.thawte.com/blog-posts/difference-between-wildcard-ssl-vs-san-certificate) digicert propagates best of both worlds (http://www.digicert.com/ssl-support/wildcard-san-names.htm). seems more limitation of cas , not of browsers , not of standard.
Comments
Post a Comment