Does issuing a new cert for the same domain on different server work?


#1

I have an existing production server with a valid certificate which contains following domains:

domain.com
beta.domain.com

Now, I created an additional server for a beta page. I would like to create a certificate on this server for beta.domain.com only. Can I do this at this point? My production certificate needs to stay valid because I have SSL pinning implemented for now.

So my question is: Will issuing on a new server for beta domain affect a production certificate, which includes the same beta domain?

Thanks for the help.


#2

Hi @marcs

normally, you can do this. But: What’s your domain?

There are some limits, but to check this, your domain name is required.

Productive certificates are logged:

https://crt.sh/
https://transparencyreport.google.com/https/certificates

And: You can also use the existing certificate, you don’t need a new.


#3

To be a bit more clear - issuance of a new certificate will not, in any way, affect the validity of previously-issued certificates, even if they’re identical. This is a totally acceptable configuration in many instances.

What JuergenAuer was referencing is that you will be able to create a maximum of five duplicate certificates in any seven day period, or twenty certificates including the same base domain (domain.com in your example) per seven days.


#4

I have issued a new cert on different server for the same domain and original cert still works. Thank you for the limit information, I will not reach that limit, but it’s nice to know.

Thanks!


#5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.