Home page logo
/

educause logo Educause Security Discussion mailing list archives

Re: Wildcard certs; to use or not to use
From: Mike Wiseman <mike.wiseman () UTORONTO CA>
Date: Tue, 4 Dec 2012 15:36:50 -0500




Has anyone used wildcard certs for their university domain? What are the pros and cons? We are in the process of moving 
our public pages to a hosting site and I've been asked if wildcard certs can be used. I assessed using wild card certs 
in the past (based on the way they wanted to use them) and deemed the risk was to great.

The environment they want to do this in now is with multiple domains on one IP address.

Any input would be appreciated.

Wildcard certs are issued  to a number of department administrators here. Our practice around using them is that they 
must be administered by one IT group only to maintain the security of the private key.  This is usually useful since 
many departments make use of a single domain level and, with a wildcard cert, they have only one cert/key to worry 
about renewing and replacing.

Mike



Mike Wiseman
Manager, Information Security
Information + Technology Services
University of Toronto


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]