Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the '10.4: How to set up a wildcard DNS' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
10.4: How to set up a wildcard DNS
Authored by: SonyaLynn on Nov 08, '05 11:00:52AM

Dunno if OS X Server 10.4.3 has changed this, but as of 10.4.2, one couldn't use a wildcard cert (*.domain.com) with a passphrase, I was shocked to discover.

I went back and forth between Apple and my SSL Cert provider and that was all we were able to pin down as the issue (which was preventing Web Services from starting up any sites using such a cert). Just sorta FYI on this.



[ Reply to This | # ]
10.4: How to set up a wildcard DNS
Authored by: jms1 on Nov 08, '05 11:33:54AM

This is not something that Apple, or apache, or your SSL certificate provider are going to be able to fix. The way the HTTPS protocol works is that the name embedded in the CN field of the certificate must exactly match the hostname that the browser is asking for, or the browser will probably complain about the certificate possibly being forged.

Some browsers are okay with wildcard names in the CN field, some browsers are not.

You can look at a certificate's x509 data (you will find the CN field in the "Subject" line) with a command like this:

openssl x509 -text -noout -in _____.crt

[ Reply to This | # ]