8

We bought a certificate two years ago for service1.domain1.com and it is valid up to 2018. The problem is that domain was managed by third party and they are going to drop that sub domain.

My question is can we use the certificate bought for service1.domain1.com on service1.domain2.com?

Our server is IIS 7.5. I create a website and put service1.domain1.com and service1.domain2.com together in bindings on the same website. Both https://service1.domain1.com and https://service1.domain2.com seem to be working perfectly when I view them on browser. If we keep that way and our third party dropped their domain service1.domain.com, can https://service1.domain2.com still work with that certificate?

Jonas T
  • 225
  • 3
  • 9

2 Answers2

14

No, the certificate will give an error in browsers that it is for the wrong domain. That's the whole point of certificates - to verify that the site is the one it claims to be. Part of that is verifying the URL of the site matches the one on the certificate.

Depending on where you got the certificate, they may allow you to revoke the one for the old domain and get a new one for the new domain. Or they may want you to pay for a whole new certificate.

Grant
  • 17,671
  • 14
  • 69
  • 101
  • Thanks Grant. I will advise them to buy a new certificate for our new domain. – Jonas T May 06 '13 at 00:27
  • We bought a certificate for .com.au but it turned out that we were going to use .com. DigiCert took .com.au certificate and issued a new certificate for .com for free. Godspeed DigiCert. – Jonas T Feb 11 '14 at 03:04
5

SSL certificates are domain specific. In fact unless they're wildcard certififcates, they cannot even be swapped out for subdomains either. Eg: A certificate ordered for super.power.com will not work on power.com.

When you generate a Certificate Signing Request, the common field is the domain name, and the key and certificate become specific for the domain.

Joel G Mathew
  • 890
  • 1
  • 9
  • 18