[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Wildcard Certificates - Do they work?

Subject: Re: Wildcard Certificates - Do they work?
From: email@hidden
Date: Tue, 28 Jul 2009 08:33:25 +1000
Delivered-to: email@hidden
Delivered-to: email@hidden

Yes. That is what wildcard certs are for, and they're not new. They're pretty expensive though, when they come from trusted root CAs. The cost benefit is only there if the wildcard cert saves you money vs. getting individual certs for each unique DNS name in question. So, it's a simple issue of doing the math.

Do they work with OS X Server?

Yes. It's just a cert. And any cert can be used with any web site; it's the client (browser) that decides about things like host/cert mismatches, etc., and a wildcard cert for *.foo.com works for [anything].foo.com.

How do you install it? The same cert on every server in question?

Yes.

Anyone done this?

Yes. ;-)

Wow..that was fast...thank you!

one last question....you said that the browser decides whether to accept it or not.

What if the client isn't a web browser...it's an email program, or chat, or RADIUS? So many things use certs now....I had no idea. How do they react to a wildcard cert?

The only services I've had issues with were jabber and an older build of freeradius than that which apple use. These were both server-side. Other services work correctly.

Watch out for the cost per server as well as some wildcard certs also cost per server they are to be used on.

Thanks!
-M

______________________________
Matt Federoff
Chief Information Officer
Vail School District
Vail, Arizona
520.879.2007
"Technician by trade, Educator at heart"

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden

This email sent to email@hidden

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden

This email sent to email@hidden

References:
	>Wildcard Certificates - Do they work? (From: Matt Federoff <email@hidden>)
	>Re: Wildcard Certificates - Do they work? (From: Dave Schroeder <email@hidden>)
	>Re: Wildcard Certificates - Do they work? (From: Matt Federoff <email@hidden>)

Prev by Date: Re: Wildcard Certificates - Do they work?
Next by Date: Re: Create reverse only DNS record?
Previous by thread: Re: Wildcard Certificates - Do they work?
Next by thread: Re: Wildcard Certificates - Do they work?
Index(es):
- Date
- Thread

Home