Hacker News new | past | comments | ask | show | jobs | submit login
[dupe]
on May 17, 2013 | hide | past | favorite



Firefox gives this:

  The certificate is only valid for the following names:
  ieonline.microsoft.com , *.bing.com , *.windowssearch.com
and https://www.bing.com has a different problem:

  The certificate is only valid for the following names:
  a248.e.akamai.net , *.akamaihd.net , *.akamaihd-staging.net
The second is one I've seen a lot (https://npr.com/ for example) but that first one is odd. Does *.bing.com not cover bing.com?


No. Wildcard certificates do not cover the root domain name. I recently ran into this particular issue with our site, and we determined that the only viable alternatives are using an certificate with a "Subject Alternative Name" (an X.509 extension) to cover the root domain name, or to use multiple certificates.


There was already a discussion about Bing and SSL four weeks ago: https://news.ycombinator.com/item?id=5576041

Nothing new here


Must have missed it, sorry dudes. I was doing some testing and was surprised.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: