Yes. Another wildcard cert question.

[Koreru]

OK. So we've got a wildcard cart. It installs OK. And there's no problems going to, say... https://www.domain.com or https://subdomain.domain.com. But trying to got to https://domain.com (without any subdomain) gives us the security warning.

What are we missing here? It's a wildcard. Shouldn't it cover the domain name all by itself?

 

[Koreru]

Anyone?

Or do I need another certificate?

 

[david510]

It depends for which name you bought and installed SSL. If you installed for www.domain.com then https://domain.com will show warning. You can redirect the domain.com to www.domain.com

 

[Koreru]

It depends for which name you bought and installed SSL. If you installed for www.domain.com then https://domain.com will show warning. You can redirect the domain.com to www.domain.com

It's a wildcard, so it was installed as *.domain.com

 

[tfittsy]

I have read that wildcard SSLs only secure one level of subdomains. so it will secure subdomain.domain.com but not sub.domain.domain.com or domain.com.

Not to take your thread, but can you offer any help with installing the Wildcard SSL? I've been trying for two days to install it in cPanel but it always times out. I get this...


Attempting to verify your certificate..... Cerificate verification passed!
Verifcation Result [/O=*.ziggos.com/OU=Domain Control Validated/CN=*.ziggos.com]
[a fatal error or timeout occurred while processing this directive]

It pauses for about 30 seconds between the first two lines and the last line.

I tried to manually install the SSL certificate by editing the httpd.conf file and it did allow my to open https://fifties.ziggos.com but it pulls up the wrong page. It shows the same thing as http://www.ziggos.com instead of http://fifties.ziggos.com.

 

[Spiral]

I have read that wildcard SSLs only secure one level of subdomains. so it will secure subdomain.domain.com but not sub.domain.domain.com or domain.com.

Actually it "SECURES" everything ---

Security is the same irregardless!

The alert box that is popping up is just warning about a domain mismatch
and actually doesn't have any bearing on actual security which is still
strongly encrypted irregardless of the popup alert.

Now with that said, if you don't want the annoying browser alert message then
you should stick with 1st tier subdomains (sub.domain.com) instead of 2nd tier
subdomains (sub2.sub.domain.com)