Overview
This article describes the precautions for domain names when a user applies for an SSL certificate.
Precautions
The following sections describe the precautions for domain names when a user applies for an SSL certificate.
Domain name used to apply for an SSL certificate
The demo.example.com
website is used in the example. You need to maintain the security of the website in the following scenarios:
- The logon page is
http://demo.example.com/login.asp
. In this case, you must apply for an SSL certificate to ensure the security of your username and password. - The page to manage logon information is
http:/demo.example.com/oa/manage.asp
. In this case, you must use an SSL certificate to ensure the information security of internal management systems.
In these scenarios, you must use the domain name of demo.example.com
to apply for an SSL certificate to ensure the security of related pages.
Security hardening for websites with a large number of access requests
If your website is frequently requested, we recommend that you configure an independent web server, namely an HTTP server, for the web pages that use SSL certificates. You also need to use a separate domain name, such as learn.example.com
or guide.example.com
, to apply for SSL certificates.
Consistency of the domain names entered
When you visit the https://demo.example.com
website, the domain name of the website must be consistent with the domain name that is used to apply for an SSL certificate. Otherwise, a message indicating that the name of the SSL certificate is invalid or does not match the name of the website may be displayed.
References
Application scope
- SSL Certificates Service