CSR for SAN cert

Hi

I need to generate a multi-domain wildcard certificate for domains *.domain1.com and *.domain2.com. I’m not sure how the CSR should look. Should it have the Common Name field filled, and with what value? I’m having problems finalizing an order. In particular, I’m using the Certes client.

TIA
Ivan

Hi,

You should set at least one domain in the common name field…

and list all the domains you wish to include in the Subject Alternative Names field…

Please note that if you also want to secure the root domain, you will also need to include that in the CSR (since a wildcard does not include the root domain).

Thank you

P.S. Here’s a sample CSR: (Only the domains are actually required and need to be precise, since LE only provides DV certificates)


I think this is now optional from the CA's perspective; maybe @cpu could confirm this?

That's true...

However, when generating CSRs, it's better to control what host is being displayed in the common name field...

P.S. On the go system's certificate doesn't have a hostname on common name
Just Multi-Domain certificate

Thanks everyone. I found a nice feature in the Certes API that generates a CSR from an LE order. Under the hood the feature does exactly what you suggested: it sets CN = one of the wildcard domains and sets Subject Alt Name = a list of all wildcard domains.
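The CSR layout discussed in this thread (CN = one of the names, SAN = every name), as an added example that is not part of any post above: it uses the `openssl` CLI rather than Certes, assumes OpenSSL 1.1.1 or later for `-addext`, and writes to a temporary directory. The helper function names are hypothetical, and the last helper flags wildcard names whose root domain is not also listed.

```bash
#!/usr/bin/env bash
# Added example (not from the thread). Domain names are the question's placeholders.
set -eu

# make_csr KEY_OUT CSR_OUT NAME...  CN = first name; SAN = every name, first included.
make_csr() {
  local key="$1" csr="$2" san="" n
  shift 2
  for n in "$@"; do san="${san:+$san,}DNS:$n"; done
  openssl req -new -newkey rsa:2048 -nodes -sha256 -keyout "$key" -out "$csr" \
    -subj "/CN=$1" -addext "subjectAltName=$san" 2>/dev/null
}

# csr_cn CSR: print the Common Name from the CSR subject.
csr_cn() {
  openssl req -in "$1" -noout -subject -nameopt RFC2253 | sed 's/^subject= *CN *= *//'
}

# csr_sans CSR: print one SAN DNS name per line.
csr_sans() {
  openssl req -in "$1" -noout -text \
    | grep -A1 'Subject Alternative Name' | tail -n1 \
    | tr ',' '\n' | sed -n 's/^ *DNS://p'
}

# uncovered_roots CSR: print each root domain that has a wildcard entry in the
# SAN list but is not itself listed (a wildcard does not match the root).
uncovered_roots() {
  local sans name root
  sans=$(csr_sans "$1")
  while IFS= read -r name; do
    case $name in
      '*.'*) root=${name#'*.'}
             printf '%s\n' "$sans" | grep -qxF "$root" || printf '%s\n' "$root" ;;
    esac
  done <<EOF
$sans
EOF
}

# Demo with the two wildcard names from the question (constructed input).
tmp=$(mktemp -d)
make_csr "$tmp/key.pem" "$tmp/req.csr" '*.domain1.com' '*.domain2.com'
echo "CN:   $(csr_cn "$tmp/req.csr")"
echo "SANs: $(csr_sans "$tmp/req.csr" | tr '\n' ' ')"
echo "Roots not covered: $(uncovered_roots "$tmp/req.csr" | tr '\n' ' ')"
```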
