Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 4 years ago.
Improve this question
We have a SSL cert from Symantec for foo.bar.com. Now we want our site to be know as foo.baz.com while still maintaining the old name. Both bar.com and baz.com resolve to the same IP. If I go to foo.baz.com it says the site is not secure. How I can use the same cert for both domain names when they are the same IP?
You have already purchased SSL certificate for foo.ar.com but not for foo.baz.com that's why it says 'site is not secure'.
Symantec SSL certificates are giving support for SAN (Subject Alternative Names) so you can manage multi domain names with single Symantec SSL certificate so add you domain name foo.baz.com in existing SSL certificate.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 7 years ago.
Improve this question
I will buy a sll certificate and I will put on my server, what will happen except the transition from http to https?
If I will use openssl to secure connections instead of ssl certificate?
I will buy a sll certificate and I will put on my server, what will happen except the transition from http to https?
There's more to it than that, the server also needs to start serving on port 443 and ssl support needs to be turned on.
If I will use openssl to secure connections instead of ssl certificate?
They're not alternatives to each other. You need both a ssl certificate and an ssl library.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
I have a commercial SSL Certificate for my website, say https://www.xyz.com
The SSL is configured in apache-vhosts.config (Apache virtual host port 443)
I am planning to introduce sub-domains like:
http://apples.xyz.com
http://oranges.xyz.com
http://mangoes.xyz.com
These will all be configured as Virtual Hosts in Apache Config.
Question:
Do i need to buy separate SSL Certificates for each of these sub-domains, or will my existing commercial SSL Certificate work?
This depends on the type of SSL certificate you purchased. If you bought a wildcard SSL certificate, or one that explicitly has subdomains in it, you're probably good to go. If you bought a cert that only has www.xyz.com defined, then you're not going to be able to use the same cert for the different subdomains.
If you bought for only the www subdomain, then depending on your server topology, you could either buy a cert for each subdomain, and use different IP for each subdomain (or if you don't care about older browsers, use Server Name Indication).
My recommendation if you bought a single domain SSL cert, and you're going to have many subdomains, just to bite the bullet and buy a wildcard certificate.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 9 years ago.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Improve this question
I own a domain at my DNS provider. I've pointed it to my house. My house keeps the IP address at the domain updated through dynamic DNS, so the A record always points to my IP address. I run OpenVPN at my house so I can connect from elsewhere. It's using a self-signed certificate. So, of course, I get SSL warnings when I connect.
My question is, Can I obtain an SSL certificate from StartSSL (free), set it up on OpenVPN, and get my browser to recognize the certificate as valid? For that matter, can I get any SSL certifcate to validate for any personal, development site I might set up at home in this situation? (OpenVPN.example.com, TestSite.example.com, etc)
(OpenVPN is not using port 443 or port 80, because I've heard that ISPs don't like it when you use those...)
The short answer is Yes. When creating a SSL certificate request you set the "common name" to the DNS name of the host. You can change the type of DNS record (e.g. A, CNAME, etc.) or record value (e.g. 192.168.1.2) at anytime as long as the record name (e.g. vpn.example.com) is the same.
For a browser to recognize a SSL certificate (not give warnings upon connection) a matching Certificate Authority (CA) must ship (or be manually added) to your browser or OS. To avoid SSL warnings with self-signed certificates you could instead provision a cert using a local/custom CA and install its root certificate on any necessary computers.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
What is stopping one from getting a signed SSL certificate to a domain he/she does not own?
I.e. What checks are made to make sure one cannot simply buy a new certificate for google.com and go about doing evil...
Surely the whole point of giving (a ridiculous sum of) money to a CA is so that people are without doubt that the server they are connecting to is the correct one. No?
Thanks.
It is up to the CA to ensure that the person applying for a certificate own the domain.
One method that is often being used for cheap SSL certificates is whois lookup
But methods can vary from CA to CA and the level of trust the certificate gives.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Please note this is not a complaint. I am just wondering what the cost is to Heroku for providing custom-domain SSL, if there is one, as they do not provide the SSL certificate. As i understand it it is quite common to provide SSL support for free, and charge for the certificate itself.
For reference: Custom-domain SSL
In order to use your own SSL certificate with a shared server, your site must run on its own dedicated public IP address.
(since the server needs to send the SSL cert before the browser tells it which host it's connecting for)
IP addresses are a scarce commodity.