SSL wildcard certificate for multiple subdomains / IPs?

2

I have multiple subdomains running web servers that I want to put SSL onto.

Say they are linux.mydomain.com, windows.mydomain.com and mac.mydomain.com. Each is its own VPS and has its own IP (and a different OS, but that is by-the-by). The linux.mydomain.com server handles the DNS. Can I get a single SSL certificate *.mydomain.com to cover running SSL on all of them?

frumbert

Posted 2015-10-02T01:20:09.507

Reputation: 547

Answers

4

Yes.

You would need to ensure that all sites shared the same private key - and this represents a small security risk, but it's entirely practical to do this. (It's not dissimilar to having distributed servers all with the same set of domains).

The certificate is bound to a private key, not an IP address, so that is almost irrelevant.

I'm sure you had worked this much out, but the type of cert you want is probably a wildcard cert. There are some limitations of these (for example you can't get Extended Validation).

davidgo

Posted 2015-10-02T01:20:09.507

Reputation: 49 152

I thought as much, but it seemed most answers I found also had mentioned that it was a single IP with subdomains. Thanks for the info! – frumbert – 2015-10-02T01:38:29.923

The single IP thing may be a single server thing - some registrars have inane artificial restrictions on certs - I know that when I got an EV Cert from Thawte for a client they had this restriction - and it was purely a license thing, there was no technical barrier to running it on multiple machines. – davidgo – 2015-10-02T01:52:51.570
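The name check a TLS client applies to a wildcard certificate like the one discussed above, as an added example that is not part of the original posts: a simplified RFC 6125-style matcher showing that `*.mydomain.com` covers each single-label subdomain whatever IP the server has, but not the bare domain or deeper names. The function names, the two-label-suffix rule and the address 203.0.113.10 are assumptions made for illustration.

```python
import ipaddress


def _is_ip(name: str) -> bool:
    """True if the client connected to an IP literal rather than a hostname."""
    try:
        ipaddress.ip_address(name)
        return True
    except ValueError:
        return False


def dns_name_matches(pattern: str, hostname: str) -> bool:
    """Match one certificate dNSName entry against the requested hostname."""
    if _is_ip(hostname):
        return False  # IP literals are never matched against dNSName entries
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels):
        return False  # '*' stands for exactly one label, never zero or several
    if any("*" in label for label in p_labels[1:]):
        return False  # wildcard is only honoured in the left-most label
    if p_labels[0] == "*":
        # Conservative choice for this example: require two labels after '*'
        if len(p_labels) < 3 or not h_labels[0]:
            return False
        return p_labels[1:] == h_labels[1:]
    if "*" in p_labels[0]:
        return False  # partial wildcards such as 'l*.mydomain.com' rejected here
    return p_labels == h_labels


def cert_covers(san_dns_names, hostname: str) -> bool:
    """True if any dNSName in the certificate's SAN list matches the hostname."""
    return any(dns_name_matches(p, hostname) for p in san_dns_names)


if __name__ == "__main__":
    san = ["*.mydomain.com"]  # constructed SAN list for the question's domain
    for host in ["linux.mydomain.com", "windows.mydomain.com",
                 "mac.mydomain.com", "mydomain.com",
                 "a.linux.mydomain.com", "203.0.113.10"]:
        print(f"{host:24} covered={cert_covers(san, host)}")
```

To serve the bare domain as well, the certificate needs `mydomain.com` as an additional SAN entry alongside the wildcard.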