问题
I have a wildcard SSL from Godaddy. When I go here:
https://conciergelive.conciergeliveapp.com/users_session/new
Everything is fine. But when I go here:
https://es.conciergelive.conciergeliveapp.com/users_session/new
I get a security alert. I need the extra subdomain to determine locality. Any ideas why this does not work?
回答1:
According to RFC 2818 Http Over SSL, section 3.1:
Names may contain the wildcard character * which is considered to match any single domain name component or component fragment. E.g., *.a.com matches foo.a.com but not bar.foo.a.com
it explains why the name *.conciergeliveapp.com in the certifacte matches conciergelive.conciergeliveapp.com but not es.conciergelive.conciergeliveapp.com
回答2:
Your SSL cert is really only good for *.conciergeliveapp.com, you will need another SSL cert for *.conciergelive.conciergeliveapp.com
You can reference the RFC-2818 http://www.ietf.org/rfc/rfc2818.txt
And checkout ServerFault for more detail: https://serverfault.com/questions/104160/wildcard-ssl-certificate-for-second-level-subdomain
来源:https://stackoverflow.com/questions/5295521/problems-with-ssl-and-multi-level-subdomains