Educause Security Discussion mailing list archives
Re: Wildcard certs; to use or not to use
From: Matthew Hodgett <m.hodgett () QUT EDU AU>
Date: Thu, 3 Jan 2013 11:44:19 +1000
We do not use wildcard SSL certificates. While much of our infrastructure is centralised, the services running on top of it is not necessarily. We do have a web based system that service owners use to request certificates and also sends out reminders of pending expiration. It is easier for us to let service owners manage their environment than it would be keeping track of a wildcard certificate and its associate private key. In a large environment with many hands involved I would not trust a wildcard certificate to continue to be used appropriately over a longer period of time. Matthew On 05/12/12 01:19, Mike Fox wrote:
Has anyone used wildcard certs for their university domain? What are the pros and cons? We are in the process of moving our public pages to a hosting site and I've been asked if wildcard certs can be used. I assessed using wild card certs in the past (based on the way they wanted to use them) and deemed the risk was to great. The environment they want to do this in now is with multiple domains on one IP address. Any input would be appreciated. *Mike Fox* Georgia Southern University Information Security Office (912)478-1592 Jeremiah 29:11-16
-- Matthew Hodgett, MInfTech, CISSP Senior IT Security Engineer | Queensland University of Technology Phone: (07) 313 89454 | Fax: (07) 31382921 QUT Classifications, refer MOPP F/1.2.5 CRICOS No. 00213J ----DIGITAL SIGNATURE START---- A11I5BAD000769832858795AD56EC57E5C798A786E768DA87ED76F785EAFA7F577D ----END SIGNATURE----
Current thread:
- Re: Wildcard certs; to use or not to use Matthew Hodgett (Jan 02)