SSL for Wildcard Sub-Domains - ssl

I am trying to setup wildcard sub-domain. So my domain is www.mydomain.com so anything comes like this test.mydomain.com, welcome.mydomain.com will work, that is fine.
When it comes to SSL, if I am buying SSL for www.mydomain.com then will that same SSL certificate works for test.mydomain.com, welcome.mydomain.com? Since they are not real sub-domains just virtual.
If not do I need to buy wildcard SSL?
If I think technically all the wildcard sub-domains will point to same root folder and IP. From there using my code I will deliver different content. In that case my SSL certificate for www.mydomain.com will also work for test.mydomain.com right? I am not sure.
Any Guess?

NAME in the SSL certificate must exactly match domain name of the site. You need wildcard certificate. Non-wildcard will produce a wrong-site warning.

Related

SSL certificate is not working for subdomain with www

We are running our website on IIS. In the domain settings, example.com and www.example.com are pointing to same IP Address.
The website works fine for https://example.com and https://www.example.com and https://stage.example.com
but for:
https://www.stage.example.com
We are getting Not Secure error.
Is it related to how SSL certificate is setup?
Added http & https bindings in IIS for both stage.example.com and www.stage.example.com
If you have a non-www and fully-qualified domain name of the same domain, a single domain (standard) SSL certificate would be enough to cover both. However, if you have multiple subdomains that you need to cover, then you need a wildcard SSL certificate.
For example:
Scenario 1: If you want to secure only two versions of your domains — domain.com and www.domain.com — a single domain SSL would be fine.
Scenario 2: If you want to secure the first level of subdomains (other than www.domain.com) — such as mail.domain.com or test.domain.com — a single domain SSL will not be enough. You must buy a wildcard SSL certificate

Can i implement Wild card SSL certificate on Two Domains?

I have Wild Card SSL Certificate and i need to implement it on multiple domains. on first it is being implemented and on second i have to implement. Is it possible that i can implement the same certificate on Two Domains. Domains are hitting the same IP Address, means hosted on same server. But having different Domains first is like: https://erp.example.com and Second is http://app.example.com. Both application are differently hosted on IIS.
Please suggest.
If the certificate is a *.example.com cert, then yes, you can. That is, after all, the whole point of a wild card certificate: to support any domain combination of the base domain.
We do it ourselves.
I'm unsure if that is your actual question though.
If you have enabled your Wildcard SSL certificate for your domain *.example.com then yes you can secure both subdomains erp (.dot) example.com and app (.dot) example.com.
Below resources will help you to install Wildcard SSL certificate on IIS server very easily:
https://knowledge.geotrust.com/support/knowledge-base/index?page=content&id=SO19990
https://www.clickssl.net/blog/how-to-install-wildcard-ssl-certificate-in-iis-7
You are questioning about two domains, but actually you have two sub-domains under single domain and if you already have Wildcard SSL certificate, your all sub-domains will be protected. Wildcard SSL issued on *.example.com will automatically secure unlimited number of sub-domains. It does not really matter your sub-domains are hosted on same server or differently, you can secure all with Wildcard Certificate.
What will be secured with single Wildcard SSL;
https://app.example.com
https://erp.example.com
https://anything.example.com
Ps: Wildcard certificate will help you secure sub-domain only first level.

Should an SSL certificate be made for www.domain.com or domain.com and how should it be configured?

When setting up a single domain website with an SSL certificate, what domain should the certificate be registered as for it to work properly with both www.domain.com and domain.com?
... to work properly with both www.domain.com and domain.com?
A certificate must match all domains which it should be used for. In this case it is enough to get a certificate containing these two domains. A certificate containing www.example.com only can not be used for example.com.
There are different types of SSL cert which do different things. My advice is to contact the Certificate issuer and ask them what you need.

Wildcard certificate not valid for mydomain.com

I created Wildcard certificate to support my site domain and subdomains.
The new certificate works for my subdomains (e.g www.mydomain.com , sub.mydomain.com)
But when I try to get to mydomain.com I get certificate warning: "the certificate is only valid for *.mydomain.com"
Is it a problem with my configuration or just the Wildcard certificate doesn't support it?
For supporting both example.com and subdomain.example.com the certificate needs to include both *.example.com and example.com as subject alternative names. I assume that the last one is missing from your certificate.
I guess you have purchased wildcard ssl certificate from thawte or symantec, which does not support equally www and non-www. In the past, I purchased thawte wildcard certificate and faced the same type of issue. I just discussed with my vendor to get the solution, they gave me technical support instantly and suggest alphassl wildcard -
https://www.ssl2buy.com/alphassl-wildcard.php. After that, I switched over to alphassl wildcard that works fine on my both domain names mydomain.com, www.mydomain.com as well anything.mydomain.com.

What should I put in Host Name when buying a DNSimple SSL certificate for it to work with the Heroku ssl addon?

I'm confused with this line in the Heroku docs (https://devcenter.heroku.com/articles/ssl-certificate)
You must enter a subdomain in the “Host Name” field. Leaving it blank will generate a root-domain certificate which is not compatible with Heroku’s SSL endpoint.
What I want is https://foo.com and https://www.foo.com to work.
So what do I need to fill in this field to get a SSL certificate that will help me achieve the above?
The rest of the steps (setting CNAME to Heroku's SSL endpoint, adding an ALIAS to redirect the root domain etc) are clear to me. I'm just stuck on this step, should it be blank or 'www' or something else?
If you want your certificate to be valid for the rood domain AND the www hostname, then you should use the www.example.com version.
You can also purchase a wildcard, but unless you need to support any extra subdomain, the cost is not worth in this case.
More details are available in the support page Selecting the Certificate Hostname.
You should fill in www.
www is just a subdomain so that will solve your www.foo.com problem but you will have to redirect the naked domain https://foo.com to the www one though.
Enter "*" for your host name, it will be valid for all subdomains including the root subdomain.