Menu

SSL Certificate - Could we use a wildcard certificate

0 votes

We are updating our public SSL certificate and would like to utilize a wildcard certificate instead. Does the application support that?
At the moment - we are getting a error, but we can see that it is using the new wildcard certificate.

in Security by (120 points)
Share on
share on gp share on fb share on tw share on li
dbFront should not care as long as the certificate allows the browser to complete a valid SSL connection to the web server.   dbFront only reports and warns about the lack of an SSL secured connection.   What error are you getting?
by (59.8k points)
The error we get with with our expired dbfront.domain.com certificate and new *.domain.com certificate is the same.

Error is "the connection is invalid. SSL certificate expired" however, the details below (on the same error page) shows certificate CN *.domain.com with certificate validity until July 19, 2023
by (120 points)
Is there a load balancer in the mix?  Internally dbFront uses the Request.IsSecureConnection() call in c#.    See: https://stackoverflow.com/questions/12725859
by (59.8k points)
The issue with using a LoadBalancer is that they are often the termination point for the SSL connection. The LoadBalancer forwards the conversation to the WebServer/dbFront as plain, unsecure HTTP.  This means that the client sees that the connection is running over SSL but dbFront and the WebServer only see HTTP which is unsecure.

One solution would be to configure dbFront to look for custom HTTP headers added by the LoadBalancer.  This would need to be site specific.
by (59.8k points)

Please log in or register to answer this question.

Welcome to the dbFront Q&A site, where you can ask questions and receive answers from other members of the community.

Categories

Most popular tags

table-view error action-button security lookup-field user-interface css form-fields advanced-search table-grid reporting import stored-procedure tables installing url login customizing user-help sqlserver active-directory single-sign-on performance export license search custom-visibility mysql authentication database-connection table-relationships foreign-key cascading-lookup attachments logo field-preferences printing themes email date-field iis oracle backup costed pdf-form user-profile quick-search iframe numeric-field table-preferences timeout sorting excel multilingual header connector notifications audit support csv display upgrading database child-tables session-key-failure webrequest wildcard-search font-size save-button sidebar-help row-security default-value network-file local-file multi-select integrations main-menu logout custom-sorting validation attachment-properties custom-caption drop-down-list debugging ldap xml checkbox access-control record-locks user-alerts date-format custom-list tooltips grid-editing duplicates rollback ssl primary-key record indexes
 | Minimalist Answer Theme by Digitizor Media
 |
Powered by Question2Answer
...