Results 1 to 5 of 5
  1. #1
    Join Date
    Mar 2004

    Wildcard certificates and shared SSL

    My understanding of wildcard certs is that I can get * to be secured. Will that same certificate work for the server's IP address like as well, or is this simply not possible? (I wouldn't mind purchasing a second normal cert if I needed to.) Will most browsers display any warning messages when using the IP as the host?

    For that matter, what is the scoop on browser compatibility with wildcard certs overall? I have heard that they work perfectly fine with around 90% of all SSL-enabled browsers, and approximately 9% of all ssl browsers will display a warning message. The last 1% (of normally ssl-enabled browsers) I guess just can't work with them no matter what? Do these numbers seem accurate?

    Also, I hope some people who resell colocated webserver hosting might be able to give their thoughts and/or experiences using shared SSL. Do you use the wildcard method and allow everyone to use Or do you give them, or perhaps both?

    To be honest, they both look terribly unprofessional (for the user's customers that is). The first subdomain one probably wouldn't be so bad if it didn't have to have two dot-coms in it. I suppose I could just lop off the tld extension, as the probability of one customer on my site having and another customer having at the same time is as good as zero (although the probability that some thief tries to use this method to rip off the original owner is pretty darn reasonable).

    Thanks for your help guys.

  2. #2
    SSL certificates only work with domain name. If you enter (IP) your browser will warn you saying the name on the certificate was invalid or does not match the name of the site.
    ******** - ASP, ASP.NET. Windows 2008 Hosting - Windows Reseller Plans

    1 Exabyte = two to the sixtieth power byte, 1,152,921,504,606,846,976 bytes

  3. #3

    Re: Wildcard certificates and shared SSL

    There is no right answer to the question above about whether to use the wildcard method or to append a ~user to the end of the shared SSL. Wildcard certs cost more than a regular cert, but look slightly better. If you're offering shared SSL, it's probably due to price. But certs are not that expensive these days and anyone who is serious about SSL for their site should get their own cert. I don't offer shared SSL to my clients - I tell them to do it right and buy their own cert.

  4. #4
    Join Date
    Mar 2004
    We were going to offer certs for $89/yr or whatever, but then we realized you just can't do it on a colocated host. We can't give an IP per account. They would need their own dedicated server, which are not so cheap.

  5. #5
    Your data center should be able to provide additional IP addresses for your server (for a small price, most likely). Some data centers require that you "justify" the IP usage, which would be no problem in the case of SSL certificates.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts