...
A not so obvious prompt is Common Name (eg, YOUR Name). This value should not be your name. Instead it should be the base domain name of your website. In our example, it would could be earth.com or www.earth.com.
We prefer using the www in our domain name, so we use will www.earth.com.
...
Again with CAs that support both
Info |
---|
CA's such as StartSSL can have SSL support for both www and no www. This is possible because the CA issues certificates where the Certificate Subject Alt Name extension is populated by both DNS Names, www.earth.com and earth.com will have ssl support. |
Code Block | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:CA State or Province Name (full name) [Some-State]:Ontario Locality Name (eg, city) []:Toronto Organization Name (eg, company) [Internet Widgits Pty Ltd]:The Planet Earth Incorporated Organizational Unit Name (eg, section) []:Earth Defence Common Name (eg, YOUR name) []:www.earth.com Email Address []:admin@earth.com Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []: |
...
Note |
---|
It is not possible to run multiple SSL-enabled virtual hosts on a server with only one IP address. A separate IP address or port is necessary for each SSL-enabled domain. There are new modules that provide this functionality, but as of May 2011 it is not yet widely supported by browsers. |
Verify with Browser
Launch a browser and try both https://www.earth.com and https://earth.com.
A lock icon should appear somewhere on your browser to indicate that the browser session is now encrypted.
Certificate details can also be verified by clicking on the lock icon and selecting View certificates.
Info |
---|
On the topic of having SSL support for both https://www.earth.com and http://earth.com when viewing the certificate naviagate to, www.earth.com Under the Certificate Subject Alt Name will see both DNS entries, Not Critical |
References
https://help.ubuntu.com/10.04/serverguide/C/httpd.html#https-configuration - trying this one first.
...