Hi, (Maybe I should label this question "How to use a wildcard server certificate"?).
We bought an SSL server certificate on the domain "*.company.com" in an intention to use it on several sub-domain hosts. When trying to fetch from host "xxx.test.company.com", wget gives an error like: ERROR: certificate common name `*.company.com' doesn't match requested host name `xxx.test.company.com'. To connect to xxx.test.company.com insecurely, use `--no-check-certificate'. So far I couldn't find an explanation on why this is wrong - I though (based on what I read in the explanation of the certificate provider) that the certificate can be used directly by any HTTP server under that domain. This is also what I get from Googl'ing about this. I use NameVirtualHost and there is only one web site on this particular server: NameVirtualHost xxx.test.company.com:443 <VirtualHost xxx.test.company.com:443> SSLEngine on SSLCipherSuite HIGH:MEDIUM:EXP:!aNULL:+SHA1:+MD5:+HIGH:+MEDIUM:+EXP SSLCertificateFile /etc/httpd/certs/_.threatmetrix.com.crt SSLCertificateKeyFile /etc/httpd/certs/threatmetrix.com.key SSLCertificateChainFile /etc/httpd/certs/gd_intermediate_bundle.crt .. The server is CentOS 5 and Apache 2.2.3. Trying to browse this page from Fireforx doesn't pop up any warning. Browsing from IE 7 on Windows XP gives a warning page with: "The security certificate presented by this website was issued for a different website's address" So what am I missing? Thanks, --Amos