Security Basics mailing list archives

wildcard SSL, is this a bad thing?
From: Derek Robson <robsonde () gmail com>
Date: Thu, 16 Apr 2009 13:39:03 +1200

Do wildcard SSL certs have a bigger security risk?

We are building 4 new servers for our internal intranet staff directory.
We will have a c-name for each server.

This way we can point any c-name at any server for DR and maintenance outages.

The old system was to have an SSL cert for each server.

The problem is that if we re-point a c-name we will get an SSL cert mismatch.

My plan is to make each server use a wildcard SSL cert of *.intranet.company.com
I know my solution will solve the problem, but is it a security risk?
Is this a bad thing?

What security risks am I opening up?
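
The scope of the two certificate choices in the question, as an added example that is not part of the original post: a small RFC 6125-style name matcher run over the names a client might request. All hostnames other than the `*.intranet.company.com` pattern (`dir1`, `dir2`, `payroll`, and so on) are constructed for illustration.

```python
# Added example; every hostname below is constructed for illustration.
ZONE = "intranet.company.com"

def cert_name_matches(cert_name: str, hostname: str) -> bool:
    """RFC 6125-style match: '*' counts only as the whole left-most
    label and stands for exactly one non-empty label."""
    c = cert_name.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if "*" in hostname or len(c) != len(h) or not all(h):
        return False
    if any("*" in label for label in c[1:]):
        return False            # wildcard outside the left-most label
    if c[0] == "*":
        return c[1:] == h[1:]
    if "*" in c[0]:
        return False            # partial wildcards (e.g. "dir*") rejected
    return c == h

def coverage(cert_names, hostnames):
    """Map each hostname to True if any name in the certificate covers it."""
    return {h: any(cert_name_matches(n, h) for n in cert_names)
            for h in hostnames}

# Names a client might request (the client validates the name it asked
# for, i.e. the CNAME, not the server the CNAME resolves to).
REQUESTED = [
    f"dir1.{ZONE}",        # CNAME normally pointed at this server
    f"dir2.{ZONE}",        # CNAME re-pointed here during DR
    f"payroll.{ZONE}",     # unrelated service in the same zone
    ZONE,                  # the zone apex itself
    f"a.b.{ZONE}",         # two labels below the zone
    "www.company.com",     # outside the zone
]

per_server = coverage([f"dir1.{ZONE}"], REQUESTED)
wildcard = coverage([f"*.{ZONE}"], REQUESTED)

if __name__ == "__main__":
    for host in REQUESTED:
        print(f"{host:32} per-server={per_server[host]!s:5} "
              f"wildcard={wildcard[host]}")
```

The wildcard removes the mismatch after a re-point, and the same certificate and private key are then also accepted for every other single-label name in the zone, such as the constructed `payroll` host.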

