NetTalk Central

Author Topic: Wildcard Certificates  (Read 6774 times)

bshields

  • Sr. Member
  • ****
  • Posts: 392
    • View Profile
    • Inhabit
    • Email
Wildcard Certificates
« on: October 23, 2017, 06:16:51 PM »
Hi,

In NetTalk 10.08 there have been some changes to certificates. Anyone know how to do wildcard certificates?

They are normally named:

*.domain.com

So my key and crt files would be:

*.domain.com.key and *.domain.com.crt

But thats not going to work as a filename.

Anyone dealt with this in NT10?

Regards
Bill Shields

Bruce

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 11250
    • View Profile
Re: Wildcard Certificates
« Reply #1 on: October 23, 2017, 09:50:28 PM »
Hi Bill,
I have not tested this (so would appreciate some feedback) but I think;
just use
domain.com
in the domains list.
And save the cert as domain.com.crt and domain.com.key

(LE doesn't do wildcard certs yet - that's only coming in Jan - so LE won't be able to get a new wildcard cert - but if you put a real cert there you should be ok.)

Make a backup of the cert somewhere else for now as well (crt and key).

cheers
Bruce

bshields

  • Sr. Member
  • ****
  • Posts: 392
    • View Profile
    • Inhabit
    • Email
Re: Wildcard Certificates
« Reply #2 on: October 24, 2017, 12:59:33 AM »
Well don't i feel stupid.

It worked fine!

I did "try" to try this approach at the beginning but clearly before i got a handle on the changes.

Thanks :)

Bruce

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 11250
    • View Profile
Re: Wildcard Certificates
« Reply #3 on: October 25, 2017, 12:09:01 AM »
It's important for the wildcard cert to be the first domain in the domains list.
ie if you had *.bruce.com and www.bill.com then the wildcard must come first.
trying to do 2 wildcards though will fail (for the second one.)
ie *.bruce.com and *.bill.com won't work.

[aside: it works because if an incoming domain is not in the list, then the first cert is used]

cheers
Bruce

bshields

  • Sr. Member
  • ****
  • Posts: 392
    • View Profile
    • Inhabit
    • Email
Re: Wildcard Certificates
« Reply #4 on: August 17, 2018, 09:25:38 PM »
Hi Bruce,

Any way for NT to support multiple wildcard certificates?

Regards
Bill

I'm on NT10.25.

Bruce

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 11250
    • View Profile
Re: Wildcard Certificates
« Reply #5 on: August 19, 2018, 10:49:46 PM »
Hi Bill,

I've added it to the list for NT11.
No promises, but I'll see what can be done.

cheers
Bruce


bshields

  • Sr. Member
  • ****
  • Posts: 392
    • View Profile
    • Inhabit
    • Email
Re: Wildcard Certificates
« Reply #6 on: August 21, 2018, 03:01:41 AM »
Thanks Bruce

Jane

  • Sr. Member
  • ****
  • Posts: 372
  • Expert on nothing with opinions on everything.
    • View Profile
    • Email
Re: Wildcard Certificates
« Reply #7 on: February 24, 2020, 09:19:57 PM »
Bruce,

Did you ever do anything with this (ability to use more than one wildcard cert?) 

Totally not urgent, but I'm looking at a couple of LAN projects where it would be nice to have a wildcard commercial cert and a wildcard domain (signed by our internal CA) cert.  If not, I can just make multiple domain certs to use with the commercial wildcard.

Cheers,

Jane

Bruce

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 11250
    • View Profile
Re: Wildcard Certificates
« Reply #8 on: February 24, 2020, 10:39:12 PM »
nothing yet Jane on multiple wildcard certs. But definitely could be something to look at when your need becomes more pressing.