https://it.cornell.edu/ssl/renew-or-request-ssl-certificate
We used multi-domain SSL certificate for our servers.
Check the current SSL: https://www.sslshopper.com/ssl-checker.html
CSR Generation: Using OpenSSL (Apache w/mod_ssl, NGINX, OS X)
openssl req -nodes -newkey rsa:2048 -keyout xcu-aad-03.key -out xcu-aad-03.csr -subj "/C=US/ST=New York/L=Ithaca/O=Cornell Univ./OU=AAD/CN=aad.cornell.edu"
What is a multi-domain SSl certificate?
A multi-domain certificate allows you to secure a primary domain, and up to 99 additional fully qualified domains, in a single certificate. It is best for organizations that have multiple unique domains hosted on a single server.
- The domains included in multi-domain certificate do not have to have unique IPs.
- It must be reissued each time you want to add a new host/domain name to the certificate.
When generating a CSR for multiple domain certificate, enter the primary domain name in common name field. In SSL request form's Subject Alternative Names field, enter the rest of domain names that you want included in the certificate.