Ask a Question

How to enroll for a Managed PKI for SSL certificate with Subject Alternative Names

Solution

A Subject Alternative Names (SAN) certificate is capable of supporting multiple domains and multiple host names with domains. Here are examples of an SSL certificate with SANs that can be issued from a Managed PKI for SSL account.
 
www.sslsupport.net
site.net
*.remote.sslsupport.net

  • The Certificate Signing Request (CSR) file will contain one name as the Common Name. The additional SAN's are added via the enrollment page.
  • There is a limit of 100 SANS names per certificate.
     

In order to enroll for a Subject Alternative Name (SAN) SSL certificate, the following is required:
 
Domain Requirements:

  1. Determine if the domain has already been established for use in the Managed PKI for SSL account.
  2. If the domain has not been added to the Managed PKI for SSL account. Then submit a new domain name enrollment.
  3. If this is a EV SSL certificate enrollment with Subject Alternative Names. The domain must be enabled for EV use in the Managed PKI for SSL Control Center.
     

Enable Subject Alternative Name in MPKI for SSL Control Center:
 

  1. The Subject Alternative Name feature has to be enabled in the Managed PKI for SSL account, please click here for documentation.
     

Generate a Certificate Signing Request (CSR) file:
 

  1. The Certificate Signing Request (CSR) file will contain one name as the Common Name. The additional SAN names are added via the enrollment page. To generate a Certificate Signing Request (CSR) file from the web server, please click here for documentation.
     

Enrollment:
 

  1. Once the above steps have been completed, submit the Certificate Signing Request (CSR) file along with the added Subject Alternative Names through Managed PKI for SSL Subscriber Services enrollment page.