Using A Wildcard SSL Certificate With OpenSSL

One of the most common issues you will see across forums, blogs and posts is the issues of using a Wildcard SSL certificate with OpenSSL. Many of the sites will recommend using what is known as a self-signed certificate and, while it can be done, it also creates some very serious issues.

Any of our Comodo Wildcard SSL certificates are a good match if you choose to use OpenSSL. In fact, it is very easy to use OpenSSL for the Certificate Signing Request (CSR) as well as for the installation of the certificate and the private key on the server. To make things very easy, regardless of the server platform in use, we provide full step-by-step instructions for assistance.

Keep in mind our tech support team is also here to help. You will just need to provide them with the server distribution and version and they can walk you through any challenges you may be experiencing with the generation of the CSR or the actual installation of the certificate. Our Wildcard products can also be installed on unlimited physical servers at no extra cost. We can provide support in exporting and importing the SSL certificate and the key as needed.

One Mistake to Avoid

A very common issue that will crop up online is the use of a self-signed certificate. To understand the challenges of this option, although it can be done with OpenSSL and it is free, start by considering the definition of SSL.

SSL or TLS is virtually the same, with TLS or Transport Layer Security the term official used. However, the original term of SSL is still the most common, which is why you will sometimes see products marketed as SSL/TLS certificates.

To be a valid SSL/TLS certificate, it is important to go through a validation process. When using a CA or Certificate Authority such as Comodo, we use a very specific and approved validation process. In fact, for all of our SSL products, you will find a WebTrust seal at the bottom of our website pages.

Clicking on this WebTrust Logo or seal will bring you to a full report on just what the different validation levels require. All meet the complete requirements of the AICPA/CICA WebTrust for Certification Authorities Principles and Criteria. As we offer this level of validation, we are also able to offer a relying party warranty of up to a quarter of a million dollars on our Wildcard SSL certificate with OpenSSL or any other type of operating system or server platform.

This full validation shows your customers, as well as browsers and devices, that you are an authentic company. Our root certificate is embedded and recognized by over 99.9% of all devices and browsers, virtually eliminating the chance of your customers ever seeing a security warning.

A self-signed Wildcard SSL certificate with OpenSSL doesn't have any of this backing. Instead, it says your website is safe because you say it is safe. The logic with these types of options is that if you have access to generate the self-signed Wildcard SSL certificate with OpenSSL, you must be the website administrator or owner, but this is not always the case.

Generating the Certificate Signing Request and the Installation Process

To make things as easy as possible for our clients ordering a Wildcard SSL certificate with OpenSSL, we provide a complete set of steps through our knowledgebase area. Search by the type of server and the distribution as well as the words "CSR generator" or "Certificate installation" depending on which step you are on.

Typically, with both processes the command line approach or using the specific format for the server platform can be used to install the private key and the certificate on the server. After installation, be sure to test the SSL certificate using the Comodo certificate checker and analyzer.

The same process can be used for installing the Wildcard SSL certificate with OpenSSL on other servers in your network. With our Comodo Wildcard we never charge extra for installation on multiple servers, in fact, we allow you to install it on unlimited physical servers with no change in the price.

For more information on Wildcard SSL certificates or the use of OpenSSL for generating a CSR or during installation, contact our team at +1 888 266 6361 or on the web at We provide a handy online chat system to help you to get your questions answered quickly and efficiently so you can get your site secured today.

Related Articles
Back to TOP