Forum Discussion

Daniel_Stinebau's avatar
Daniel_Stinebau
Icon for Nimbostratus rankNimbostratus
Mar 17, 2015

Multiple Wildcard RSA Certs on one SSL Client policy, is it possible?

I have 2 wildcard cert's for 2 different domains (obviously) that I would like to use in a single ssl client profile, however I get the error: client ssl profile cannot contain more than one set of same certificate/key type

 

Which I suppose is correct as they are both RSA cert's. Would converting one to a different format be a problem, or break trust? Or is there another way I should be going about this entirely?

 

APM
BIG-IQ
design
security

4 Replies

Sort By
  • Hannes_Rapp's avatar
    Hannes_Rapp
    Icon for Nimbostratus rankNimbostratus
    Mar 17, 2015

    Configuring TLS/SNI in your client-side SSL profile is a possibility but that would not be the best solution at this point. Please note, this technology is not supported on IE browser running on Windows XP. With about 35% of all desktop users still running Windows XP, I would postpone taking into use the TLS/SNI technology for any client-facing application.

     

    The best option would be keeping your certificates for different domains separated in different client-side SSL profiles. Configure multiple virtual servers for the same application if you have to. Perhaps TLS/SNI would be a great technology to use in 2-3 years.