
LE - Wildcard certificates and multi-Domain-SAN ??

Do we really need the wildcard certificates within ZTNA when using LE?
A lot of companies need the wildcard certificate at other points, and with LE we can have a new certificate for every resource.

And ... two different verified domains within a single LE certificate may work, but this does not look good.

Customers ask awkward questions regarding this.

Dirk



This thread was automatically locked due to age.
  • As ZTNA uses the certificate for the GW(s) as well as all Apps in between, it is crucial to use a wildcard certificate. 
    Otherwise, you would have to create per-App certificates. 
    You could work with a subdomain and generate the wildcard there (a.customer.com). 

    From my point of view, this was not an issue right now, as most customers using LE for websites use the HTTP-based approach, which is not blocking the DNS approach. 
