I have a bunch of sites served through nginx with SSL with self-signed certificates, each of which is on a subdomain, e.g.:
https://app1.example.com https://app2.example.comMy user base is small and tightly controlled so I personally install the certificates for each user. The problem is that the number of apps is increasing to the point that it would be far easier to be able have a single
*.example.comwhich I circulate. However, self-signed wildcard certificates don’t work in most browsers. How would I get around this? I’m guessing that one option would be to somehow provide a list of subdomains for the certificate, but I have no idea how I would go about doing that. My other thought is that perhaps I could create a self-signed root certificate from which each subdomain inherits?
Answer
If your user base and their computers are not managed by you, then that is a classic case where you should purchase an SSL certificate from a 3rd party rather than use self-signed certs. Wildcard certs are readily available from many 3rd party CAs and they are not very expensive. I assume you own the example.com domain.
Attribution
Source : Link , Question Author : aquavitae , Answer Author : JaredPep
