Wild card certs and www.subdomain.domain.com

0

I have a wild card cert set up for a client who has a lot of sites with sub-domains. Is there a way to somehow get AWS to redirect WWW.sub-domain.domain.com to sub-domain.domain.com so the cert is valid (I know wild card certs only support Subs, not sub-sub domains)?

1 Answer
0

You cannot do an HTTPS redirect like that - as the first TLS connection would still be to a URI that is not in the subject alternative names of the certificate.

If you have a domain structure as follows:

www.sub-domain.domain.com, but also want to have a domain hosted at sub-domain.domain.com

Then the www portion is another sub-domain, so your certificate needs to include that as well. You would therefore need a certificate containing at least the following names.

  1. sub-domain.domain.com
  2. www.sub-domain.domain.com

And you are right - some browsers will support *.*.domain.com in subject alternate names (Chrome for instance), but many CAs will not allow you to issue a certificate like that - thus you can do the following.

  1. *.sub-domain.domain.com
  2. *.other-sub-domain.domain.com

AWS
EXPERT
answered a month ago
EXPERT
reviewed a month ago
  • Thank you Max. Can the cert be for domain, .domain, and www..domain or do I need to be specific about the sub-domains?
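
The single-label wildcard rule discussed in this thread, as an added example that is not part of the original posts: it checks which hostnames a certificate's subject alternative names cover and lists the names still missing. The function names and the sample SAN and host lists are constructed for illustration, and the matcher assumes the wildcard is the entire leftmost label.

```python
# Added example: which hostnames does a set of certificate SANs cover?
# Assumption: "*" is only honoured as the complete leftmost label and
# stands for exactly one DNS label, never for two or more.

def san_matches(pattern: str, hostname: str) -> bool:
    """Return True if the dNSName pattern covers hostname."""
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False  # a wildcard never spans an extra label
    if p[0] == "*":
        # Require a real parent domain after the wildcard (no "*.com").
        return len(p) > 2 and h[0] != "" and p[1:] == h[1:]
    return p == h


def coverage(sans, hostnames):
    """Map each hostname to the SAN entries covering it ([] = name mismatch)."""
    return {host: [s for s in sans if san_matches(s, host)] for host in hostnames}


def missing_sans(sans, hostnames):
    """Suggest one additional SAN for every hostname that is not covered."""
    needed = []
    for host, hits in coverage(sans, hostnames).items():
        if hits:
            continue
        labels = host.lower().rstrip(".").split(".")
        # Deep names get a wildcard on their parent; short names go in as-is.
        name = "*." + ".".join(labels[1:]) if len(labels) > 2 else ".".join(labels)
        if name not in needed:
            needed.append(name)
    return needed


# Constructed sample: a typical apex + wildcard certificate and the sites behind it.
SANS = ["domain.com", "*.domain.com"]
HOSTS = [
    "domain.com",
    "sub-domain.domain.com",
    "www.sub-domain.domain.com",
    "www.other-sub-domain.domain.com",
]

if __name__ == "__main__":
    for host, hits in coverage(SANS, HOSTS).items():
        print(f"{host:34} {'covered by ' + ', '.join(hits) if hits else 'NOT covered'}")
    print("names to add:", missing_sans(SANS, HOSTS))
```
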
