SSL Certificates and ... Providers

Andrew Latham lathama at
Thu Dec 27 19:54:53 UTC 2012

On Thu, Dec 27, 2012 at 2:47 PM, Blake Pfankuch <blake at> wrote:
> Ok, so this might be a little off topic but I am trying to validate something a vendor is telling me and hoping some people here have expertise in this area...
> I am working with a SSL certificate provider.  I am trying to purchase a quantity of wildcard SSL certificates to cover about 60 FQDN's across 4 domains.  Vendor is telling me that the Wildcard certificates are licensed per physical device it is installed on.  This means instead of using a single wildcard across 20 servers, I would have to buy 20 wildcard certs for 20 servers.
> This does not compute in my brain and also in my mind completely defeats the purpose of a wildcard cert as I know it.  Has anyone run into this before?
> Thanks
> Blake


Many vendors assign to a single IP address.  When you send your CSR it
is for one server only. Look at some of the public/free CAs to find
some unbiased info.  You could hide everything behind a
proxy/loadbalancer if you want.

~ Andrew "lathama" Latham lathama at ~

More information about the NANOG mailing list