我是第一次尝试设置 SSL。我从 Gandi.net 购买了我的域和 SSL 证书。他们的文档说
subdomain.example.com indicates the subdomain that you want to protect. This is the most important part. If you have a single-address certificate to activate, you should put in the full subdomain (e.g. foo.example.com). The www subdomain is added automatically by the CA, for example, example.com will secure both example.com and www.example.com If you have a wildcard certificate, you should put in a * for the subdomain (e.g. *.example.com). Wildcard certificates also secure the raw domain (with no subdomain). - http://wiki.gandi.net/en/ssl/csr
我在 Heroku 上托管我的应用程序,他们的文档说:
The Common Name field must match the secure domain. You cannot purchase a certificate for the root domain, e.g., example.com, and expect to secure www.example.com. The inverse is also true. Additionally, SSL Endpoint only supports one certificate per app. Please keep this in mind for multi-domain applications and specify a Common Domain that matches all required domains. - https://devcenter.heroku.com/articles/ssl-endpoint#acquire-ssl-certificate
这些似乎有冲突。请指教!
最佳答案
您需要从权威机构获得证书 supports the Subject Alternate Name X.509 extension .
这将使您获得一个域名,其通用名称设置为 www.mydomain.com
,备用名称设置为 mydomain.com
(如 Lloeki 所述,您应该提供两个名称作为备用名称)。
关于ssl - 为根域生成 CSR(是否包含 www?),我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/18403276/