Generating self-signed, wildcard certificate for IIS 7.5 on .local domain
8,808
Your question actually did end up getting answered in that question here; You cannot create a Wildcard SSL certificate through IIS7+'s self-issued certificate system.
Related videos on Youtube
Author by
zam6ak
Updated on September 17, 2022Comments
-
zam6ak over 1 year
Is it possible to generate self signed, wild-card ssl certificate for internal domain on IIS 7.5 for testing purposes. For example I'd like common name to be *.domain.local
Similar question for IIS 6 was posted here, but without clear answer (in my opinion)
-
zam6ak over 13 yearsThis requires having Active Directory® Certificate Services (AD CS) role on a server correct? If that is the case, we don't have one :)...Is there a way to generate this via IIS 7.5 or some other means (OpenSSL ?)
-
Andrew Barber over 13 years@zam6ak - Using OpenSSL would be a great option if you don't have a CA available, yes.
-
zam6ak over 13 years@Andrew Barber - so OpenSSL will let me generate self signed, wildcard cert with local domain? Is there a URL you can point me (I found bunch for IIS6 bit not for 7? Thanks a lot
-
zam6ak over 13 yearsInternal CA with GP seems like a viable solution since it allows not only cert generation but also ability to tell the clients to trust it...See this comment: serverfault.com/questions/143047/in-house-trusted-certificate/…
-
Abhijeet Patel almost 13 yearsI'm using SelfSSl7 for generating a self signed cert for IIS7.5 but wilcarding the CN does not work:I tried this: SelfSSL7 /Q /T /I "Default WebSite" /N cn=" *.mydomain.com";cn=mymachinename;cn=localhost /K 1024 /V 18250 This is the error I get:Common name (/N cn= *.mydomain.com) contains invalid characters.
-
Ov's Pianist almost 13 yearsYour quotes are in the wrong place.
-
Abhijeet Patel almost 13 yearsI had to deliberately include a space after the quote and before the * since the comment would not format correctly here. Besides that, what am I doing wrong?
-
Ov's Pianist almost 13 yearsserverfault.com/questions/272534/… - good you found the answer!
-
Abhijeet Patel almost 13 yearsNo I did not! The answer in that question does not show how to register a wildcard domain name
-
Ov's Pianist almost 13 yearsThe old SelfSSL - not v7.
-
Abhijeet Patel almost 13 yearsThat sucks. You'd think that you would be able to do this in v& as well. I've posted a question on the IIS7 site asking how to do this, but haven't heard back yet
-
Ov's Pianist almost 13 yearsIt's as if you're reading a different answer...
-
Abhijeet Patel almost 13 yearsHow so? If a feature works in SelfSSL, I would imagine it to work in V7 as well.