ZeroSSL is a good client and will create a SAN (multi domain certificate) for you. You should cover both of these as it looks like your server is listening for both www.computerdatabase.com and computerdatabase.com domains
These are both terms from X.509 jargon, but Let's Encrypt in particular ignores organization name because of the theory that we cannot really confirm automatically what "organization" operates a particular site. So, the subject ON field is left out of all Let's Encrypt certificates. By an old convention, the CN field is used to list a DNS domain name for a site, but modern certificate-issuing practice also uses subject alternative names (the SANs that @ahaw021 mentions), of which there can be more than one, to list all of the domain names.
Andrei - Iām behind ISA Server - each SSL has to have itās own listener, itās own ip address, so from what youāre saying (two certificates would be necessary), Iād have to use two ip addresses for each domain?
I thought Iād try the REE SSL Certificate Wizard to start and debug the process and then move on to the other techniques, but ā¦ would the technique the author of that site suggested here work on IIS6?
Or - should I just create the CSR totally within the FREE SSL Certificate Wizard? And then import that into IIS? Iām about out of my league with SSL I guess?
All thatās left is a way to automate adding the keys to the certificate stores on Windows, probably with PowerShell - and deleting any older expired certificates?
Is it possible to create a wildcard cert using the ZeroSSL downloadable client? I often have a prefix when Iām testing other than www or nothing.
I read the doc where you referenced for ECC certs. Iād heard about Elliptic Curve Cryptography on the Security Now podcast.
If Iām reading it properly, even the latest Firefox on an XP machine wouldnāt be able to read it - or ā¦ will it? I actually have some clients running XP.
Since ZeroSSL uses Letās Encrypt API and Letās Encrypt does not provide wildcard certificates (at least for now), the answer to the first question is no.
As for the ECC compatibility, recent versions of Firefox on XP do not seem to have any problems with that at all. Additionally, if you are using NginX for example as your web-server, you can easily specify both ECC and RSA versions - see https://scotthelme.co.uk/hybrid-rsa-and-ecdsa-certificates-with-nginx/ for details.
If you want the client specifically in Perl (for example to develop additional modules), then Strawberry Perl portable edition would be the best choice. Installation instructions can be found at https://zerossl.com/installation.html
However, if you just want a Windows client and do not plan to do any Perl development, then you might consider using Windows binaries instead - they are also fully portable and do not require any installation.
My preference is the windows binaries alone - I looked at the readme.md and it seem to imply Iād need Perl āWith Windows you donāt have to install anything but Perlā, which confused me. Thanks!!