I need 2 SSL certificates for one domain.

Started by wwwmaster@, Sep 30, 2022, 04:01 AM

Previous topic - Next topic

wwwmaster@Topic starter

I prefer to renew for serious projects and pay for several years in advance.
As it turned out, you can not renew ssl certificate 5 months before the end.
It is also not possible to create a second comodo certificate for one com domain.
Is it possible to have two different ssl certificates from different vendors?
For example: one domainssl, the second alfassl?


Quote from: wwwmaster@ on Sep 30, 2022, 04:01 AMIs it possible to have two different ssl certificates from different vendors?
Who will forbid to buy two SSL certificates from different vendors? Even ten, if you have extra money :) What for?

p.s. I had 2 SSL certificates from different vendors at the same time. Zero SSL and Let's Encrypt.
And nothing, I can switch between them in my web hosting panel :)

wwwmaster@Topic starter

Quote from: SIROTA on Sep 30, 2022, 04:37 AMWhat for?
Above it says. Renew and forget about it.
The domain is paid for seven years. The server is paid for several years in advance.
It doesn't work that way with ssl.


Quote from: wwwmaster@ on Sep 30, 2022, 07:39 AMIt doesn't work that way with ssl.
You can pay for 7 or 10 years, but every year you have to re-issue it...
I guess it's possible you can set it up somehow, but free reissue every three months...


Quote from: wwwmaster@ on Sep 30, 2022, 07:39 AMIt doesn't work that way with ssl.
It doesn't work that way, not because you "feel like it", but for security reasons, which is what encryption is for.
And, in general, it is too naive in this world to buy something for 7 years.  :-[

You can have 2 certificates if you don't have a CAA record in the DNS.


So it seems that they abolished the issuance of certificates for more than a year, before I remember were ssl for 3 years with me, now went to the free.
Cheap and sulfuric.

wwwmaster@Topic starter

Thanks, guys.
Anyway, got it. I can pay for 7-10 years, but every year I will have to reinstall the regenerated certificate. With the reinstallation of the issue will be resolved in the control panel.
If I get the confirmation from the technical support about this possibility, I will run the Let's Encrypt bot for fun.  :D
Well, in general, the topic is now clear and understandable.  :)


Here, I received a letter from Cloudflare, which I hasten to share. :)
The letter claims that Google, in parallel with the current, only updated certificate, created another one.
Well, it did, and it did.
Our Google takes care of us and now we do not need to fool around with the second certificate. :)
You cannot view this attachment.

I wonder what the hell?  :o



One SSL certificate can certify several very diverse names. This is called SAN - Subject Alternative Name and they are set when creating a certificate request. You cannot change anything in the certificate.
 In your case, it makes no sense to combine two certificates into one file - they are combined when it is necessary that in order to verify the correctness of the certificate, the certificate and all the certificates of the CA that issued it up to the root one are in one file.
I don't know how LE does it, but in ordinary CA it is indicated that the certificate supports SAN, and in your own CA it is clear that you yourself turn what you want.