New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
SSL cert question
I've just activated ssl cert on one of my domains, actually on a subdomain sub.mydomain.tld
I was under impression that if I generate SSL cert for a subdomain, it will also work for the domain itself, however accessing the site gives me an error "Server certificate doesn't match the URL"
Why is that?
Comments
Unless you have a wildcard SSL I don't believe that will work.
It's sub-domain only, yes.
For using on multiple subdomains, you will need a wildcard cert.
On a budget? You can grab an AlphaSSL Wildcard for $45
the cert for https://something.mydomain.com usually should also work for https://mydomain.com
at least in the case when "something" = "www"
some providers give you www.domain for free if you use the certificate for the domain on its own
When you activate on for example subdomain.domain.com, it only works on that domain. When you activate it on www.domain.com (www being the subdomain) it works on www.domain.com as well as domain.com (With most providers, probably all)
on the other hand, can I have more than one SSL on the same IP? one for subdomain and another for main domain?
sure
SNI
You need a Wild Card SSL.
I get mine at namecheap.
Some SSL providers will certify the certificate for both subdomain.mydomain.tld and mydomain.tld, but depends on the provider. With Godaddy, if you submit a certificate request for "www.mydomain.tld", it will come back to you signed for both "www.mydomain.tld" and "mydomain.tld". They started doing this from about 2008 or 2009. I have no idea if they do the same dual-hostnames if you specify another subdomain other than "www." in the "canonical name" field.
Btw, to check a certificate, go here
http://www.sslshopper.com/certificate-decoder.html
or run the openssl linux command displaye there, and look at the "Subject Alternative Names" field to see what hostnames it was signed for.
@Alex - you need a wildcard certificate. We sell those at a very low cost, check out our website.
Actually if you can use more than one cert for any given domain I don't need anything, as I've few regular ones lying around.
Thanks for all the answers folks!
Anyone know if the AlphaSSL Wildcard allows usage on "domain.tld" as well as "*.domain.tld"?
Yes it does