Tuesday, January 16, 2007

Wildcard SSL Certs

GoDaddy.comI needed to renew a couple SSL certs at my office today. My brother had good things to say about Go Daddy's SSL certificates. He told me they're cheap and they are supported by all browsers he tested. They support OpenBSD. Plus, I've been happy with them as a registrar. So, I gave them a shot.

I manage a lot of servers at work and several of my certificates were to expire soon. Plus I was using some self-signed certificates on some servers. Given that I could use certificates on more than 10 servers, I decided to go with a wildcard certificate. That means that I can use this certificate for any host with a "*.mydomain.com" address.

The process couldn't have been easier. After creating a key and a certificate signing request (csr) for "*.mydomain.com", I was able to go through their web interface and was finally emailed a link to download both the certificate and an intermediate CA chain file.

Thanks, Go Daddy.