Explanation:
If one issues a certificate for example.com, then it can be used for https://example.com
For https://www.example.com one would have to provide another certificate which will match the subdomain.
Apparently, certificates for *.example.com are common, so a single certificate covers all you will ever need under your domain, e.g. mail.example.com, www.example.com, account.example.com etc. etc.
However, I would not expect *.example.com to match example.com and yet, it does! And I wonder why.
Is it part of the standard?
Is it just a common browsers convention?
This is not exactly so. CAs usually issue a certificate valid for both example.com and www.example.com.
Check if the certificate contains SubjectAlternativeName extension with just “example.com” in it. This is the most likely answer.
RFC 2818 (section 3.1), as I read it, doesn’t cover example.com by *.example.com, but this can be my interpretation.
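The rule the answer is pointing at is easy to check in code. The following is an added example, not code from the question or the answer: it implements the wildcard matching rules of RFC 2818 section 3.1 as tightened by RFC 6125 section 6.4.3 (the wildcard must be the whole leftmost label and consumes exactly one label), and then evaluates two constructed SubjectAlternativeName lists against the hostnames from the question. The SAN lists are made up for illustration and are not taken from any real certificate; the function names are this example's own.

```python
"""Hostname matching against certificate names (dNSName SAN entries),
following RFC 2818 section 3.1 / RFC 6125 section 6.4.3 wildcard rules.

Added example; not code from the question or answer. The SAN lists at
the bottom are constructed for illustration.
"""


def _normalize(name: str) -> str:
    # DNS names compare case-insensitively, and a trailing dot is just the
    # fully qualified spelling of the same name.
    return name.strip().rstrip(".").lower()


def hostname_matches(pattern: str, hostname: str) -> bool:
    """Return True if one presented certificate name covers hostname.

    Rules applied:
      * comparison is case-insensitive and label-by-label;
      * a wildcard is honoured only as the entire leftmost label
        ("*.example.com", not "f*.example.com" or "www.*.com");
      * the wildcard stands in for exactly one label, so "*.example.com"
        covers "www.example.com" but neither "example.com" (the case asked
        about) nor "a.b.example.com";
      * a wildcard directly above a top-level domain ("*.com") is refused.
    """
    pattern = _normalize(pattern)
    hostname = _normalize(hostname)
    if not pattern or not hostname:
        return False
    if "*" not in pattern:
        # Plain name: exact match only.
        return pattern == hostname

    p_labels = pattern.split(".")
    h_labels = hostname.split(".")
    if any(lbl == "" for lbl in h_labels):
        return False  # empty label, e.g. "www..example.com"
    # Wildcard must be the whole leftmost label and appear nowhere else.
    if p_labels[0] != "*" or any("*" in lbl for lbl in p_labels[1:]):
        return False
    # Refuse "*.com"-style patterns.
    if len(p_labels) < 3:
        return False
    # The wildcard consumes exactly one label, so label counts must agree;
    # this is what makes "*.example.com" not cover "example.com".
    if len(h_labels) != len(p_labels):
        return False
    return h_labels[1:] == p_labels[1:]


def cert_covers(san_names, hostname: str) -> bool:
    """True if any dNSName in the certificate's SubjectAlternativeName
    list covers hostname. Per RFC 6125 the CN is ignored once SANs are
    present, so only SAN entries are consulted here."""
    return any(hostname_matches(n, hostname) for n in san_names)


# Constructed SAN lists (not taken from a real certificate).
WILDCARD_ONLY = ["*.example.com"]
WILDCARD_PLUS_APEX = ["*.example.com", "example.com"]

if __name__ == "__main__":
    for sans in (WILDCARD_ONLY, WILDCARD_PLUS_APEX):
        for host in ("example.com", "www.example.com", "a.b.example.com"):
            print(f"{sans!s:38} {host:18} -> {cert_covers(sans, host)}")
```

Running it shows that `["*.example.com"]` alone does not cover `example.com`, while adding the apex name as a second SAN entry does, which is why a certificate that appears to "match" both is almost always one that lists both. To see what a real certificate actually carries, list its SAN extension (OpenSSL 1.1.1 or later) with `openssl x509 -in cert.pem -noout -ext subjectAltName` and look for a bare `DNS:example.com` entry next to the wildcard.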