Forum Discussion

Satriaji's avatar
Satriaji
Icon for Cirrus rankCirrus
Sep 30, 2021

UNTRUST CERTIFICATE DNS https://www.poinplus.bni.co.id

Hii Everyone,   I have a case about DNS. I have 2 DNS: poinplus.bni.co.id & www.poinplus.bni.co.id . they pointing with 1 VS (VS_Poinplus) that using SSL Asterisk (*bni.co.id) and the path is d...
Mayur_Sutare's avatar
Mayur_Sutare
Icon for MVP rankMVP

Hi  ,

 

Normally this is how wildcard certificates works! Wildcard certs won’t work for second level subdomain and due to same reason it’s not working in your case.

As for url www.poinplus.bni.co.id , www part becomes second level subdomain when using wildcard certificate of CN - *bni.co.id . This certificate will cover only URLs with first level subdomain i.e. your working URL - poinplus.bni.co.id.

 

The options like redirect or rewrite will come post successful SSL/TLS handshake with the vServer. So as per my understanding, if you apply these settings, still you will get the SSL warning error and post doing the continue then that irule will be executed.

 

There are few options for you to fix this issue-

 

1.     You can modify the affected URL/dns to adjust it according to the wildcard cert CN

2.      Have new certificate for the affected domain; or use SAN option which allows you to use combinations of domain; subdomains in single cert.

 

 

Hope it helps!

Satriaji's avatar
Satriaji
Icon for Cirrus rankCirrus
Oct 02, 2021

Thank for your information, Mayur ... So, we cannot using iRules because www.poinplus.bni.co.id is subdomain and not using cert *bni.co.id right ? So if wanna to TRUSTED for access https://www.poinplus.bni.co.id must be buy the certificate right .