1
votes

We have a multi-tenant application which works based on domain wildcard registration. Now we want to add an SSL certificate to our application.

So I need the correct approach for how it should be used.

I know about the GoDaddy Wildcard SSL, with which you can define an unlimited number of subdomains and apply this certificate, but in our case the subdomains are not physically specified; we identify them with a wildcard only. All subdomains point to a single domain/server only; it is just the application that understands and behaves accordingly.

Can someone guide me on this?


1 Answer

1
votes

A wildcard certificate is signed for `CN=*.example.com`.

That means an HTTPS client/browser will match the invoked DNS name with the wildcard, and as long as it's a level-one subdomain, it will match. That is because the `*` is a special token in the common name (CN).

So `foo.example.com` and `bar.example.com` will match. `foo.bar.example.com` will, however, not.

As far as the certificate is concerned, you don't have to define a list of valid subdomains anywhere.

So your guess is right: simply buy a wildcard certificate from your CA of choice and you're done.
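
The matching rule described in the answer, written out as an added example (not part of the original answer): the `*` covers exactly one left-most label, so the server side of a multi-tenant application can check whether a requested host is covered by its certificate before deriving a tenant from it. The helper `tenant_for_host`, the default certificate name and the sample hosts are assumptions made for illustration.

```python
def wildcard_matches(cert_name: str, hostname: str) -> bool:
    """Return True if a certificate name such as '*.example.com' covers hostname."""
    p_labels = cert_name.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")
    # The wildcard stands for exactly one label, so both names need the
    # same number of labels: the apex and deeper subdomains are not covered.
    if len(p_labels) != len(h_labels):
        return False
    # Reject malformed hostnames with empty labels (e.g. ".example.com").
    if any(label == "" for label in h_labels):
        return False
    if p_labels[0] == "*":
        # Only the left-most label is wild; everything to its right is exact.
        return p_labels[1:] == h_labels[1:]
    return p_labels == h_labels


def tenant_for_host(host_header: str, cert_name: str = "*.example.com"):
    """Hypothetical helper: map a Host header to a tenant id, or None if the
    host is not covered by the wildcard certificate."""
    host = host_header.split(":", 1)[0]  # drop an optional port
    if not wildcard_matches(cert_name, host):
        return None
    return host.lower().split(".")[0]


if __name__ == "__main__":
    # Constructed sample hosts, using the names from the answer.
    for host in ("foo.example.com", "bar.example.com",
                 "foo.bar.example.com", "example.com"):
        print(f"{host:22} covered={wildcard_matches('*.example.com', host)} "
              f"tenant={tenant_for_host(host)}")
```
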