SSL certificate with wildcard

Hi,

I have bought a wildcard certificate for my multiple-domain instance, but I can’t see a valid certificate in the browser when I use it.

You can see it, for example, on the following service page:

https://jersey.aws.frog.mx:8212/bin


Is there something additional I need to do to use a wildcard certificate? I’m doing this on my server:

                ipHttpServerChannel.SslOptions.UseTls = true;
                ipHttpServerChannel.SslOptions.CertificateFileName = txtCertificatePath.Text;
                ipHttpServerChannel.SslOptions.Enabled = true;
                ipHttpServerChannel.SslOptions.NeedPassword += (object sender, RemObjects.SDK.SslNeedPasswordEventArgs e) =>
                {
                    e.PasswordString = txtCertificatePassword.Text;
                };

Note: if I use a specific certificate in my RO server, it works with no problem, and if I use the wildcard certificate in IIS, for example, I have no problems…

Can you help me?

This is very strange indeed. The certificate looks correct in the browser, too. Could you have a check with GoDaddy support to see if they have any known issues with their certificates like this?

That’s normal behaviour. “*.frog.mx” is only valid for one level below “frog.mx”. So “aws.frog.mx”, “test.frog.mx”, “abcdef.frog.mx.” would be fine. But it’s not valid for anything below that, e.g. “jersey.aws.frog.mx”. You could get a certificate for “*.aws.frog.mx” though.

RFC 6125: Representation and Verification of Domain-Based Application Service Identity within Internet Public Key Infrastructure Using X.509 (PKIX) Certificates in the Context of Transport Layer Security (TLS)
2. If the wildcard character is the only character of the left-most
label in the presented identifier, the client SHOULD NOT compare
against anything but the left-most label of the reference
identifier (e.g., *.example.com would match foo.example.com but
not bar.foo.example.com or example.com)

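The matching rule quoted from RFC 6125 above, as an added example that is not part of the original thread or of RemObjects SDK: a small Python check that tells you, before deployment, whether a certificate's names cover the host name clients will connect to. The function names and the SAN list are assumptions constructed from the names mentioned in the thread; only the whole-label wildcard case (rule 2) is handled.

```python
# Added example: left-most-label wildcard matching (RFC 6125, rule 2).
# Function names are hypothetical; host names are taken from the thread.

def _labels(name):
    """Lower-case a DNS name, drop one trailing root dot, split into labels."""
    name = name.lower()
    if name.endswith("."):
        name = name[:-1]
    return name.split(".")

def wildcard_matches(presented, reference):
    """True if the certificate name `presented` covers the host `reference`."""
    p, r = _labels(presented), _labels(reference)
    # A "*" stands for exactly one label, so the label counts must be equal.
    if len(p) != len(r) or "" in p or "" in r:
        return False
    if p[0] == "*":
        # Only the left-most label is wild; everything to the right is literal.
        return p[1:] == r[1:]
    return p == r

def covering_names(san_names, host):
    """Return the certificate names that match `host` (empty list = mismatch)."""
    return [n for n in san_names if wildcard_matches(n, host)]

def wildcard_for(host):
    """The wildcard name that would cover `host`, one level up."""
    return ".".join(["*"] + _labels(host)[1:])

if __name__ == "__main__":
    san = ["*.frog.mx", "frog.mx"]  # constructed SAN list for illustration
    hosts = ("aws.frog.mx", "test.frog.mx", "jersey.aws.frog.mx", "frog.mx")
    for host in hosts:
        hits = covering_names(san, host)
        if hits:
            print(f"{host:20} OK, covered by {hits[0]}")
        else:
            print(f"{host:20} MISMATCH, needs e.g. {wildcard_for(host)}")
```
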