Wildcard SSL allows you to secure an unlimited number of subdomains on a single certificate. It’s a great solution for anyone who hosts or manages multiple sites or pages that exist on the same domain. The one-time cost of the certificate covers you for additional subdomains you may add in the future.

My case is, I have already installed the wildcard SSL in my linux servers for the main domain. Now I want to install the same for my subdomain which is in Windows. We cannot rekey, we need to convert generate a .pfx using the linux generated private key file.

Here are the steps:-

1) Download the current wildcard certificate for windows platform from Godaddy. Go to your GoDaddy product page.
2) Select SSL Certificates and select Manage for the certificate you want to download.
3) Under Download Certificate, select a Server type and then select Download Zip File.
4) Please copy this to your windows server. This will have .crt, .pem & .p7b file.
5) You can follow this link now. https://in.godaddy.com/help/manually-install-an-ssl-certificate-on-my-iis-10-server-27349
=> Convert your .crt file to a .cer file
=> Add a Certificate Snap-in to the Microsoft Management Console (MMC)
=> Import the Intermediate SSL Certificate
=> Install your SSL certificate:-
At this point, we need to have our own .pfx file. In windows server, this gets created when you generate CSR and private key and submit it to Godaddy for new SSL certificate request.

But since we’ve used our linux server for CSR request, in general this not supported by design. But there is a work around. We need to generate a .pfx using our linux generated private key file.

I had run this command from one of our linux server and got pfx key file for windows. And have copied .pfx file to windows server.

openssl pkcs12 -inkey /etc/ssl/certs/startcert.key -in /etc/ssl/certs/38a82df3cfb2f793.crt -export -out /etc/ssl/certs/38a82df3cfb2f793.pfx

Please use this .pfx file for at this step for primary certificate.
On the new window, click … to browse, find your previously uploaded primary certificate file and click Open. => Bind the SSL certificate Thats all we are done.

Leave a Reply