Forum Discussion

JCMATTOS_41723
Jan 17, 2008

Wildcard Certificates utilization?

We have dual LTM 8400's 9.4.1 and were looking into using wildcard certificates for our entire enterprise environment. We were wondering, first, does our current platform support this feature? And what kind of impact differences can we expect regarding utilization, performance, etc.? Thx in advance!

5 Replies

  • SOL6823 details how to generate a CSR for a wildcard cert (Click here).

    As for resources, are you asking if it's more resource intensive to decrypt SSL using a wildcard cert, or are you asking more generally about how much more CPU/memory it will take decrypting SSL versus passing it through encrypted?

    Aaron
  • Thx Hoolio, more along the lines of personal experience of using this feature in a production environment on this platform. A question was raised: will using wildcard certs require more/less resources than using standard certs?
  • Posted By hoolio on 01/21/2008 8:17 AM

    SOL6823 details how to generate a CSR for a wildcard cert (Click here).

    As for resources, are you asking if it's more resource intensive to decrypt SSL using a wildcard cert, or are you asking more generally about how much more CPU/memory it will take decrypting SSL versus passing it through encrypted?

    Aaron

    Hi Aaron,

    I looked at the above solution and wanted to make sure that if I generate a CSR using *.apple.mysite.com, this would cover everything under apple.mysite.com, for ex:

    one.apple.mysite.com,
    two.apple.mysite.com, and
    apple.mysite.com;

    however, it would not cover orange.mysite.com or noneapple.mysite.com

    Thanks,

    Jay
  • I have been using wildcard certs for some time (on BigIP and WebLogic), and have never seen nor heard of any issues regarding resources.

    I guess when OpenSSL does hostname verification it sees the wildcards and simply ignores that substring - in theory sounds like a pretty cheap operation.
  • I agree, the performance for using a wildcard cert versus an explicit cert should be negligible.

    Aaron
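
An added example (not from any poster in this thread and not F5 or OpenSSL code) of the left-most-label wildcard comparison described in RFC 6125, run over the hostnames asked about above; the function names are hypothetical. Under these rules the wildcard stands in for exactly one label, so the bare parent name apple.mysite.com matches only if the certificate also lists it as a separate name.

```python
# Added example: RFC 6125-style matching of a certificate name against a hostname.
# Function names are hypothetical; hostnames are the ones used in the thread.

def wildcard_matches(pattern: str, hostname: str) -> bool:
    """Return True if a certificate name (optionally '*.'-prefixed) covers hostname."""
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")

    # A wildcard replaces exactly one label, so both names need the same label count.
    if len(p_labels) != len(h_labels) or "" in h_labels:
        return False

    if p_labels[0] != "*":
        # No wildcard label: plain case-insensitive comparison.
        # Partial wildcards such as 'f*.example.com' are rejected here,
        # which RFC 6125 allows a verifier to do.
        return "*" not in pattern and p_labels == h_labels

    # The wildcard is honoured only as the complete left-most label.
    if any("*" in label for label in p_labels[1:]):
        return False

    # Conservative policy choice of this example: refuse patterns as broad as '*.com'.
    if len(p_labels) < 3:
        return False

    # Everything to the right of the wildcard must match literally.
    return p_labels[1:] == h_labels[1:]


def coverage(pattern: str, hostnames: list) -> dict:
    """Map each hostname to whether the pattern covers it."""
    return {h: wildcard_matches(pattern, h) for h in hostnames}


# Hostnames taken from the question in the thread, plus one deeper name.
THREAD_HOSTS = [
    "one.apple.mysite.com",
    "two.apple.mysite.com",
    "apple.mysite.com",
    "orange.mysite.com",
    "noneapple.mysite.com",
    "a.one.apple.mysite.com",
]

if __name__ == "__main__":
    for host, ok in coverage("*.apple.mysite.com", THREAD_HOSTS).items():
        print(f"{host:28} {'covered' if ok else 'NOT covered'}")
```

The comparison is a handful of string operations per connection, small next to the cost of the TLS handshake itself.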