Over the years, publicly-trusted CAs have issued SSL certificates with domain names of different types. The most common is the Fully Qualified Domain Name (FQDN). This is a certificate that has been issued with a name registered with an entity that manages a top-level domain (TLD), for example server1.domain.com. The differentiating characteristic about an FQDN is that it is unique . There is one controller of domain.com and that controller determines who can have any name under that root, such as server1.domain.com. Along the way, public CAs also issued certificates with non-FQDNs, such as: Server host name only, for example: server1 Server name with non-managed TLD, for example: server1.domain.local (In this example, local is not a TLD per ICANN.) Reserved IP addresses (In this case, the IP address cannot be registered, see IPv4 and IPv6.) Many SSL certificates have been issued that contain non-unique domain identifiers. Correspondingly, there are many security risks w
for DevOps, .NET Developers, Cloud Architects & Consultants
