Certificate name wildcards

SyslogDefender and SyslogSender support wildcards in certificate common names (CNs) and in X.509v3 Subject Alternative Names (SANs). The left-most subdomain name can use an asterisk as a wildcard character in its right-most position.

The following table shows matching and non-matching names and wildcards:

Server Domain Name or Client verify_name

Certificate CN or SAN

Matches?

Server5.YourCo.com

*.YourCo.com

Yes

Server5.YourCo.com

Server*.YourCo.com

Yes

www.Server.YourCo.com

*.YourCo.com

No

The wildcard matches against only one subdomain name.

YourCo.com

*.YourCo.com

No

The wildcard does not match an omitted subdomain name.

any

www.*.YourCo.com

No

The wildcard must be in the left-most position of the subdomain name.

any

*Server.YourCo.com

No

The wildcard must be in the right-most position of the subdomain name.

Client100

Client*

Yes

Client100

*

Yes

Related topics

Planning

SSL-TLS-overview

SyslogSender-configuration-file

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*