I've read many a post, but feel I'm still missing some information
regarding the specifics as they apply to my configuration.

Currently my server hosts 4 sites.
www.domain.com - at IP 1.1.1.1 (http) - public to all
intranet.domain.com - at 1.1.1.1:443 (https) - requires authentication
private1.intranet.domain.com - virtual host servername 1.1.1.2:443
(https) requires separate authentication
private2.intranet.domain.com - virtual host servername 1.1.1.3:443
(https) requires separate authentication

I would like to generate a single wildcard certificate that can be
used for the 3 SSL sites, but I feel like I'm missing something. Can
someone confirm for me that the above is possible. I'm currently
migrating these sites to a new server and will be generating a new key
for the server as well.

For the wildcard certificate I think I need to generate a cert for
*.intranet.domain.com, but will this allow me to use SSL for the
intranet.domain.com site as well since there is no subdomain or
leading "."? This all needs to happen without interfering with the
non SSL site at the same IP.

Any would be greatly appreciated.

BT.Techadmin@gmail.com wrote:
> I've read many a post, but feel I'm still missing some information
> regarding the specifics as they apply to my configuration.
>
> Currently my server hosts 4 sites.
> www.domain.com - at IP 1.1.1.1 (http) - public to all
> intranet.domain.com - at 1.1.1.1:443 (https) - requires authentication
> private1.intranet.domain.com - virtual host servername 1.1.1.2:443
> (https) requires separate authentication
> private2.intranet.domain.com - virtual host servername 1.1.1.3:443
> (https) requires separate authentication
>
> I would like to generate a single wildcard certificate that can be
> used for the 3 SSL sites, but I feel like I'm missing something. Can
> someone confirm for me that the above is possible. I'm currently
> migrating these sites to a new server and will be generating a new key
> for the server as well.
>
> For the wildcard certificate I think I need to generate a cert for
> *.intranet.domain.com, but will this allow me to use SSL for the
> intranet.domain.com site as well since there is no subdomain or
> leading "."? This all needs to happen without interfering with the
> non SSL site at the same IP.
>
> Any would be greatly appreciated.
>

I can't answer your question but I can add some information. From
experience, I know that a wildcard cert for *.domain.com will NOT work
for a.b.domain.com. In this case, the * is for one level only. I
suspect your question is well founded.

Jim

On Feb 16, 6:54 pm, Jim Hayter <see.reply...@nowhere.invalid> wrote:
> BT.Techad...@gmail.com wrote:
> > I've read many a post, but feel I'm still missing some information
> > regarding the specifics as they apply to my configuration.
>
> > Currently my server hosts 4 sites.
> >www.domain.com- at IP 1.1.1.1 (http) - public to all
> > intranet.domain.com - at 1.1.1.1:443 (https) - requires authentication
> > private1.intranet.domain.com - virtual host servername 1.1.1.2:443
> > (https) requires separate authentication
> > private2.intranet.domain.com - virtual host servername 1.1.1.3:443
> > (https) requires separate authentication
>
> > I would like to generate a single wildcard certificate that can be
> > used for the 3 SSL sites, but I feel like I'm missing something. Can
> > someone confirm for me that the above is possible. I'm currently
> > migrating these sites to a new server and will be generating a new key
> > for the server as well.
>
> > For the wildcard certificate I think I need to generate acertfor
> > *.intranet.domain.com, but will this allow me to use SSL for the
> > intranet.domain.com site as well since there is no subdomain or
> > leading "."? This all needs to happen without interfering with the
> > non SSL site at the same IP.
>
> > Any would be greatly appreciated.
>
> I can't answer your question but I can add some information. From
> experience, I know that a wildcardcertfor *.domain.com will NOT work
> for a.b.domain.com. In this case, the * is for one level only. I
> suspect your question is well founded.
>
> Jim


Thanks Jim.