Will a wildcard cert conflict with a matching single cert?


#1

I have a digitalocean serverpilot apache/nginx droplet with several SSL certs already in play, some for subdomains others for mapped root domains (ie. subdomain.domain.com and domain.com).

To cover future subdomain creation I want to install a wildcard ssl cert. Will this conflict with certificates I already use for existing subdomains?


#2

Depends how you install the certificate.

Each VirtualHost in Apache/nginx is configured to serve a limited set of domains and will use the certificate it is told to use.

Are you using Certbot? Are you using certonly or --apache/--nginx ?


#3

The certificate itself does not dictate its’ use.
That is done with the server_name and server_alias directives in (nginx) vhost config server blocks.
(servername and serveralias in Apache)

You could search through your configs to better understand what you are already using.
grep -Eri 'server_name|server_alias' /etc/nginx
grep -Eri 'servername|serveralias' /etc/apache2


#4

So is that a yes? If I have an INSTALLED certificate that works for subdomain.domain.com and I set up an additional wildcard *.domain.com certificate do I need to remove all confugration relating to any subdomain(s).domain.com?


#5

No. You can, but you don’t have to.


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.