Can I secure SSL VPN with a wildcard cert, if SSL VPN is IP based?

rajpaalsinha · ‎04-03-2025

I am trying to put a cert on the SSL VPN. All I have access to is wildcard certs. I have already tried and failed, and now I am wondering if I can or if I am doing it wrong.

AEK · ‎04-03-2025

Yes you can, but you need to access it via FQDN (e.g.: ssl.mydomain.com), not IP address, otherwise the cert is useless.

AEK

Hassan97wsh · ‎04-06-2025

The IP address will not match the certificate wildcard subject name or alternative subject name. The wildcard certificate cannot be used to authenticate the server by its IP address.

Hassan
TAC Engineer

jiahoong112 · ‎04-06-2025

the wildcard certificate will only apply if the method you are connecting to the sslvpn is fqdn based. in this case, you'll have to bind your public ip with fqdn or use FortiDDNS: https://docs.fortinet.com/document/fortigate/7.6.2/administration-guide/685361/ddns

**If you come across a resolution, kindly show your appreciation by liking and accepting it, ensuring its accessibility for others**

joshbergm · ‎04-11-2025

Hi,

You can do this if you add the IP address in the SAN name field.
However it's better to use a FQDN.

Can I secure SSL VPN with a wildcard cert, if SSL VPN is IP based?

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website