We keep failing our PCI compliance over what I believe is an error on their
side.  Our wildcard cert covers *.bluespring.me, which is used on multiple
servers.  They are wanting an exact match to our domain on the CN, which is
"65-126-126-5.dia.static.bluespring.me".  To me, *.bluesping.me IS a
match.  If I change the CN to that specific billing server then it will not
match the website server.  It was my understanding that this is the entire
point of having a wildcard cert.  Anyone else ever gone through this?  Does
their analysis that *.bluespring.me is NOT a match seem right to everyone

Reply via email to