Menu

SSL Certificate - Could we use a wildcard certificate

0 votes

We are updating our public SSL certificate and would like to utilize a wildcard certificate instead. Does the application support that?
At the moment - we are getting a error, but we can see that it is using the new wildcard certificate.

in Security by (120 points)
Share on
share on gp share on fb share on tw share on li
dbFront should not care as long as the certificate allows the browser to complete a valid SSL connection to the web server.   dbFront only reports and warns about the lack of an SSL secured connection.   What error are you getting?
by (65.4k points)
The error we get with with our expired dbfront.domain.com certificate and new *.domain.com certificate is the same.

Error is "the connection is invalid. SSL certificate expired" however, the details below (on the same error page) shows certificate CN *.domain.com with certificate validity until July 19, 2023
by (120 points)
Is there a load balancer in the mix?  Internally dbFront uses the Request.IsSecureConnection() call in c#.    See: https://stackoverflow.com/questions/12725859
by (65.4k points)

1 Answer

0 votes

I am going to assume that the issue was the load balancer. Please indicate if there is something else going on.

The issue with using a LoadBalancer is that they are often the termination point for the SSL connection. The LoadBalancer forwards the conversation to the WebServer/dbFront as plain, unsecure HTTP. This means that the client sees that the connection is running over SSL but dbFront and the WebServer only see HTTP which is unsecure.

One solution would be to configure dbFront to look for custom HTTP headers added by the LoadBalancer. This would need to be site specific.

Let me know if that functionality is required.

by (65.4k points)
Welcome to the dbFront Q&A site, where you can ask questions and receive answers from other members of the community.

Categories

Most popular tags

table-view error lookup-field security action-button table-grid advanced-search form-fields css user-interface stored-procedure reporting customizing installing tables authentication import url export attachments single-sign-on user-help active-directory login search sqlserver database-connection foreign-key license field-preferences custom-visibility email performance pdf-form cascading-lookup duplicates themes mysql date-field backup upgrading table-relationships quick-search drop-down-list logo table-preferences refresh excel printing connector notifications primary-key iis azure connection database webrequest costed sidebar-help user-profile multi-select main-menu attachment-properties iframe numeric-field access-control record-locks timeout sorting multilingual header audit support csv oracle display hosting link help html-fields whitelisting child-tables session-key-failure wildcard-search font-size caching save-button row-style row-security default-value barcode network-file local-file integrations logout custom-sorting validation custom-caption debugging ldap
 | Minimalist Answer Theme by Digitizor Media
 |
Powered by Question2Answer
...