Home

SSL wildcard Certificate

%3CLINGO-SUB%20id%3D%22lingo-sub-308229%22%20slang%3D%22en-US%22%3ESSL%20wildcard%20Certificate%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-308229%22%20slang%3D%22en-US%22%3E%3CP%3EI%20think%20i%20have%20tried%20everything%20with%20i%20have%20found%20to%20create%20a%26nbsp%3B%20wildcard%20certificate%20for%20horizon%20for%20the%20past%20several%20days.%20and%20nothing%20has%20worked.%26nbsp%3B%20i%20get%20errors%20like%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%22This%20site%20can%E2%80%99t%20provide%20a%20secure%20connection%20localhost%20uses%20an%20unsupported%20protocol.%22%26nbsp%3B%20or%3C%2FP%3E%3CP%3E%22err_ssl_version_or_cipher_mismatch%22%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Eall%20which%20do%20not%20allow%20the%20interface%20to%20come%20up.%26nbsp%3B%26nbsp%3B%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Ei%20have%20even%20tried%26nbsp%3B%20the%20following%20link%2C%20all%20which%20have%20not%20been%20fruitful%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Frobbieroberts.wordpress.com%2F2014%2F04%2F04%2Fcreating-a-wildcard-webserver-certificate-with-your-internal-microsoft-ca%2F%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3ECreating%20a%20wildcard%20webserver%20certificate%20with%20your%20internal%20Microsoft%20CA%20%7C%20Robbie%20Roberts%20Blog%20OCS%2C%20Exchange%20%26amp%3B%20Technolo%E2%80%A6%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Enow%20i%20am%20creating%20the%20certificate%20Poweshell%20with%20the%20script%20below%20which%20works%20on%20Windows%2010%20but%20not%20Windows%20server%202012%20R2%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%24date_now%20%3D%20Get-Date%3C%2FP%3E%3CP%3E%24extended_date%20%3D%20%24date_now.AddYears(99)%3C%2FP%3E%3CP%3E%24cert%20%3D%20New-SelfSignedCertificate%26nbsp%3B%20%60%3C%2FP%3E%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%20-Type%20Custom%20%60%3C%2FP%3E%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%20-certstorelocation%20cert%3A%5Clocalmachine%5Cmy%20%60%3C%2FP%3E%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%20-dnsname%20*.domain.local%20%60%3C%2FP%3E%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%20-KeyUsage%20DigitalSignature%2C%20KeyEncipherment%20%60%3C%2FP%3E%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%20-KeySpec%20KeyExchange%20-Subject%20%22C%3DUS%2C%20ST%3DIO%2C%20L%3DIOCity%2C%20CN%3D*.domain.local%22%20%60%3C%2FP%3E%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%20-NotAfter%20%24extended_date%20%60%3C%2FP%3E%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%20-KeyLength%204096%20%60%3C%2FP%3E%3CP%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%20-FriendlyName%20vdm%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%24pwd%20%3D%20ConvertTo-SecureString%20-String%20'%24password'%20-Force%20-AsPlainText%3C%2FP%3E%3CP%3E%24path%20%3D%20'cert%3A%5ClocalMachine%5Cmy%5C'%20%2B%20%24cert.thumbprint%3C%2FP%3E%3CP%3EExport-PfxCertificate%20-cert%20%24path%20-FilePath%20c%3A%5Ctemp%5Cssl%5Cteltrium-local.pfx%20-Password%20%24pwd%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Ethe%20certificate%20is%20created%26nbsp%3B%20and%20i%20added%20to%20the%20trusted%20site.%20the%20only%20difference%20between%20this%20an%20the%20one%20applied%20at%20setup%20is%20the%20Key%20Usage%20has%26nbsp%3B%20a%20yellow%20exclamation%20point.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fcommunities.vmware.com%2Fservlet%2FJiveServlet%2FshowImage%2F2-2827169-302961%2FpastedImage_2.png%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fcommunities.vmware.com%2Fservlet%2FJiveServlet%2FdownloadImage%2F2-2827169-302961%2FpastedImage_2.png%22%20border%3D%220%22%20width%3D%22452%22%20height%3D%2266%22%20%2F%3E%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EDoes%20anyone%20know%20what%20I%20am%20doing%20incorrectly.%20is%20there%20an%20%22IDIOTS%20Guide%22%20somewhere%3F%26nbsp%3B%26nbsp%3B%26nbsp%3B%20Any%20assistance%20is%20greatly%20appreciated.%20thank%20you%20in%20advance.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-308229%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3ESSL%20Certificate%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
yury lafontaine
New Contributor

I think i have tried everything with i have found to create a  wildcard certificate for horizon for the past several days. and nothing has worked.  i get errors like

 

"This site can’t provide a secure connection localhost uses an unsupported protocol."  or

"err_ssl_version_or_cipher_mismatch"

 

all which do not allow the interface to come up.   

 

i have even tried  the following link, all which have not been fruitful

 

Creating a wildcard webserver certificate with your internal Microsoft CA | Robbie Roberts Blog OCS,...

 

now i am creating the certificate Poweshell with the script below which works on Windows 10 but not Windows server 2012 R2 

 

$date_now = Get-Date

$extended_date = $date_now.AddYears(99)

$cert = New-SelfSignedCertificate  `

    -Type Custom `

    -certstorelocation cert:\localmachine\my `

    -dnsname *.domain.local `

    -KeyUsage DigitalSignature, KeyEncipherment `

    -KeySpec KeyExchange -Subject "C=US, ST=IO, L=IOCity, CN=*.domain.local" `

    -NotAfter $extended_date `

    -KeyLength 4096 `

    -FriendlyName vdm

 

 

$pwd = ConvertTo-SecureString -String '$password' -Force -AsPlainText

$path = 'cert:\localMachine\my\' + $cert.thumbprint

Export-PfxCertificate -cert $path -FilePath c:\temp\ssl\teltrium-local.pfx -Password $pwd

 

the certificate is created  and i added to the trusted site. the only difference between this an the one applied at setup is the Key Usage has  a yellow exclamation point.

 

 

Does anyone know what I am doing incorrectly. is there an "IDIOTS Guide" somewhere?    Any assistance is greatly appreciated. thank you in advance.

Related Conversations
Extentions Synchronization
Deleted in Discussions on
3 Replies
Tabs and Dark Mode
cjc2112 in Discussions on
38 Replies
flashing a white screen while open new tab
Deleted in Discussions on
14 Replies
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies
How to Prevent Teams from Auto-Launch
chenrylee in Microsoft Teams on
29 Replies