RE: SSL Certificates

["Dan Denton" <ddenton () remitpro com>]

Sorry for pulling a stupid!

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of Dan Denton
Sent: Monday, December 08, 2008 6:48 PM
To: 'CORP John Porter'; security-basics () securityfocus com
Subject: RE: SSL Certificates

John,

You'll need what's usually referred to as a "wildcard certificate". One of
these will cover multiple servers under the same domain name. For example,
abc.company.com, xyz.company.com, mail.company.com, etc....

Dan



-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of CORP John Porter
Sent: Monday, December 08, 2008 3:27 PM
To: security-basics () securityfocus com
Subject: SSL Certificates

I am trying to use a Wildcard SSL certificate, i.e. *.company.com, for
authentication to a wireless network and I can't get it to work. I have
been given about 6 different reasons for why it isn't working. The
latest explanation is that when you get an SSL certificate from GoDaddy
or Entrust you must first create a Certificate Signing Request that you
then submit to the Authority. The theory is that even though you request
a certificate for a CN of *, the CSR has information about the server
that created the CSR and that therefore the wildcard certificate will
work for any sub-domain of company.com, but only on the server that
created the CSR. Therefore, if I have 5 different servers where I want
to use *.company.com, I must create. 5 CSRs, and purchase 5
certificates. Does this make sense?