wildcard SSL, is this a bad thing?
- From: Derek Robson <robsonde@xxxxxxxxx>
- Date: Thu, 16 Apr 2009 13:39:03 +1200
do wildcard SSL cert's have a bigger security risk?
we are building 4 new servers for our internal intranet staff directory.
we will have a c-name for each server.
this way we can point any c-name at any server for DR and maintance outages.
the old system was to have an SSL cert for each server.
svr1.intranet.company.com
svr2.intranet.company.com
svr3.intranet.company.com
svr4.intranet.company.com
problem is that if we re-point a c-name we will get a SSL cert mis-match.
my plan is to make each server use a wildcard SSL cert of *.intranet.company.com
I know my solution will solve the problem but is it a security risk?
is this a bad thing?
what security risks am I opening up?
thanks
------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute
Find the source of cybercrime! Almost every crime today involves a computer or mobile device. Learn how to become a Computer Forensics Examiner in InfoSec Institute's hands-on Computer Forensics Course. Up to three industry recognized certs available, online computer forensics training available.
http://www.infosecinstitute.com/courses/computer_forensics_training.html
------------------------------------------------------------------------
- Follow-Ups:
- Cyberspies hacked into $300 billion U.S. fighter
- From: Leonardo Dutra
- Cyberspies hacked into $300 billion U.S. fighter
- Prev by Date: What difference does it make?
- Next by Date: Re: Securing RDP - Is this possible?
- Previous by thread: Re: wildcard SSL, is this a bad thing?
- Next by thread: Cyberspies hacked into $300 billion U.S. fighter
- Index(es):
Relevant Pages
|
