Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 6 years ago.
Improve this question
I have a web application with nginx. I would like to have unlimited subdomains. When I open subdomain.domain.com I see in my Chrome:
Your connection is not private
Attackers might be trying to steal your information from subdomain.domain.com (for example, passwords, messages, or credit cards).
Back to safetyAdvanced
NET::ERR_CERT_COMMON_NAME_INVALID
I can't understand how to fix this issue. I should add another SSL cert for all subdomains or I need different cert for every subdomain? Can someone explain what is the correct flow here?
Thanks!
A wildcard SSL certificate would allow you to have unlimited subdomains with a single certificate.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 5 years ago.
Improve this question
I've noticed it is a lot cheaper to buy a single website SSL certificate than a wildcard certificate.
My question is if I have 2 applications setup in IIS:
1. website.com
2. subdomain.website.com
Firstly, would I be able to buy 2 individual certificates for the website.com and subdomain.website.com?
Secondly, assuming I was able to buy the above certs, would it actually work?
Many thanks!
Yes you can. The domain name is recorded in CN field (single domain or a wildcard). There is also SAN extension that allows you to use the same certificate on different domains (sub.domain.com and domain.com are considered two different domains).
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 7 years ago.
Improve this question
My question is the following: I'm hosting a couple of websites on a web server (Apache on Debian Wheezy) and I want to have ssl on them. Can I have one certificate and use it for every domain or should I have multiple ones? I tried to have one but the problem is that if I first visit example1 with https, then if I try to visit example2 with https, I get the content of the former, while the url is the latter.
What am I doing wrong? What is the best way to have https for every website on the server?
you need SSL certificates for each domain hosted on the box.
you can have selected domains on SSL but would require tweaking the virtual host file.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 7 years ago.
Improve this question
I bought a ssl certificate generated with SHA-2 algorithm.
It was successfully installed in apache2 server. I also test it with online tool like https://www.sslshopper.com and the result is completely ok, however in firefox console I got something like this
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.
I also double checked with Chrome and other browser. It seems ok.
is there any gotchas related to my certificate ?
please help and thanks in advance.
Your certificate is fine. The warnings logged in the Firefox console are due to resources served from other domains (speficially, s-static.ak.facebook.com, connect.facebook.comand avocado-app.s3.amazonaws.com) that use SHA-1 certificates.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
Supposed I create a certificate for *.example.com. Then this certificate of course matches www.example.com as well as foo.example.com. Basically everything under example.com.
But what about …
example.com itself?
foo.bar.example.com?
Are these matched as well by a wildcard certificate? If not - is there a way to do so?
As I've now learned you can use SANs to support example.com, and only a single level of subdomain matching is supported.
Does *.*.example.com work?
From wikipedia:
Only a single level of subdomain matching is supported.
And example.com is not covered, only anything.example.com is. SubjectAlternativeName extension is usually used to cover example.com itself.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 9 years ago.
Improve this question
I'm about to get an SSL Certificate for my website. In particular, it will be used because I'm switching over to a payment processor which requires it. A few "noob" questions:
1) Will I have to change any code that directs users to http://www.mysite.com to https://www.mysite.com, or will users who go to http://www.mysite.com be automatically re-directed to https://www.mysite.com?
2) I assume that https "slows" things down on a site? If this is the case, can I maintain the http everywhere on my site except when they make a payment to the processor? i.e. http://www.mysite.com/any_old_page.php, while https://www.mysite.com/pay_for_the_stuff.php
Thanks!
No, that won't happen automatically. You will have to change your server configuration to do that.
Yes, it slows things down. How much depends on the cipher suite used for the server, the server software and hardware. You should play around with different TLS cipher suites to see how much. It depends on that (and of the nature of your site) if you should only use TLS on part of your site or all of your site. As for the requirements of the payment processor: ASK!