When setting up a single domain website with an SSL certificate, what domain should the certificate be registered as for it to work properly with both www.domain.com and domain.com?
... to work properly with both www.domain.com and domain.com?
A certificate must match all domains which it should be used for. In this case it is enough to get a certificate containing these two domains. A certificate containing www.example.com only can not be used for example.com.
There are different types of SSL cert which do different things. My advice is to contact the Certificate issuer and ask them what you need.
Related
We are running our website on IIS. In the domain settings, example.com and www.example.com are pointing to same IP Address.
The website works fine for https://example.com and https://www.example.com and https://stage.example.com
but for:
https://www.stage.example.com
We are getting Not Secure error.
Is it related to how SSL certificate is setup?
Added http & https bindings in IIS for both stage.example.com and www.stage.example.com
If you have a non-www and fully-qualified domain name of the same domain, a single domain (standard) SSL certificate would be enough to cover both. However, if you have multiple subdomains that you need to cover, then you need a wildcard SSL certificate.
For example:
Scenario 1: If you want to secure only two versions of your domains — domain.com and www.domain.com — a single domain SSL would be fine.
Scenario 2: If you want to secure the first level of subdomains (other than www.domain.com) — such as mail.domain.com or test.domain.com — a single domain SSL will not be enough. You must buy a wildcard SSL certificate
Our site has a lot sub-domains which we all secure with a wildcard SSL certificate. Now we want to add an EV-SSL certificate for our www sub-domain to increase security and trust in our site. The other sub-domains still have to use the wildcard certificate.
The site is configured as a single site on IIS 7 with all sub-domains listed as http(s) bindings.
Is it possible in IIS 7 to use these two certificate types on one domain?
Yes, it is possible to have two different certificates for the same domain name with the help of SNI technology and need to binding your certificates during configuration.
You need to request EV SSL certificate for your example.com which will secure both versions of the domain as www and non-www.
For subdomains security, you can apply for Wildcard SSL certificate for *.example.com
References –
https://www.ssl2buy.com/wiki/server-name-indication-sni-use-multiple-ssl-on-a-single-ip
https://support.comodo.com/index.php?/Knowledgebase/Article/View/639/0/certificate-installation-microsoft-iis-7x
No, it is not possible that you can use two SSL certificate type for same domain name. Because SSL certificate is issued to FQDN (Fully Qualified domain name).
So you can't use two SSL certificate for same domain name.
For example,
If you are using wildcard ssl certificate for blog.xyz.com then you can't take EV SSL certificate for that same domain name.
I have Wild Card SSL Certificate and i need to implement it on multiple domains. on first it is being implemented and on second i have to implement. Is it possible that i can implement the same certificate on Two Domains. Domains are hitting the same IP Address, means hosted on same server. But having different Domains first is like: https://erp.example.com and Second is http://app.example.com. Both application are differently hosted on IIS.
Please suggest.
If the certificate is a *.example.com cert, then yes, you can. That is, after all, the whole point of a wild card certificate: to support any domain combination of the base domain.
We do it ourselves.
I'm unsure if that is your actual question though.
If you have enabled your Wildcard SSL certificate for your domain *.example.com then yes you can secure both subdomains erp (.dot) example.com and app (.dot) example.com.
Below resources will help you to install Wildcard SSL certificate on IIS server very easily:
https://knowledge.geotrust.com/support/knowledge-base/index?page=content&id=SO19990
https://www.clickssl.net/blog/how-to-install-wildcard-ssl-certificate-in-iis-7
You are questioning about two domains, but actually you have two sub-domains under single domain and if you already have Wildcard SSL certificate, your all sub-domains will be protected. Wildcard SSL issued on *.example.com will automatically secure unlimited number of sub-domains. It does not really matter your sub-domains are hosted on same server or differently, you can secure all with Wildcard Certificate.
What will be secured with single Wildcard SSL;
https://app.example.com
https://erp.example.com
https://anything.example.com
Ps: Wildcard certificate will help you secure sub-domain only first level.
I created Wildcard certificate to support my site domain and subdomains.
The new certificate works for my subdomains (e.g www.mydomain.com , sub.mydomain.com)
But when I try to get to mydomain.com I get certificate warning: "the certificate is only valid for *.mydomain.com"
Is it a problem with my configuration or just the Wildcard certificate doesn't support it?
For supporting both example.com and subdomain.example.com the certificate needs to include both *.example.com and example.com as subject alternative names. I assume that the last one is missing from your certificate.
I guess you have purchased wildcard ssl certificate from thawte or symantec, which does not support equally www and non-www. In the past, I purchased thawte wildcard certificate and faced the same type of issue. I just discussed with my vendor to get the solution, they gave me technical support instantly and suggest alphassl wildcard -
https://www.ssl2buy.com/alphassl-wildcard.php. After that, I switched over to alphassl wildcard that works fine on my both domain names mydomain.com, www.mydomain.com as well anything.mydomain.com.
I am trying to setup wildcard sub-domain. So my domain is www.mydomain.com so anything comes like this test.mydomain.com, welcome.mydomain.com will work, that is fine.
When it comes to SSL, if I am buying SSL for www.mydomain.com then will that same SSL certificate works for test.mydomain.com, welcome.mydomain.com? Since they are not real sub-domains just virtual.
If not do I need to buy wildcard SSL?
If I think technically all the wildcard sub-domains will point to same root folder and IP. From there using my code I will deliver different content. In that case my SSL certificate for www.mydomain.com will also work for test.mydomain.com right? I am not sure.
Any Guess?
NAME in the SSL certificate must exactly match domain name of the site. You need wildcard certificate. Non-wildcard will produce a wrong-site warning.