SAP Knowledge Base Article - Public

2809025 - SSL installation using wildcard certificates - Recruiting Marketing

Symptom

Is it possible to install an SSL for the RMK career site using a wildcard certificate?

Environment

SAP SuccessFactors Recruiting Marketing (RMK)

Resolution

A wildcard certificate is a digital certificate that is applied to a domain and all its subdomains.
We do not recommend using wildcard SSL certificates as it involves the risk of compromising the private key for SSL installation. The private key is "required" and must be shared using a secured channel.

The recommended process when raising a request for a new SSL certificate or an SSL renewal is to use a Certificate Signing request (CSR).
This is created by the Network team and based on the CSR, you can procure the SSL.  With this process we have the private key, so there is no issue with compromising the private key in transit.

Note that the disadvantages and risks associated with the use of wildcard certificates are not dictated by SAP.  Information on those can be found online. Some examples are:

Security: If one server or sub-domain is compromised, all sub-domains may be compromised.
Management: If the wildcard certificate needs to be revoked, all sub-domains will need a new certificate.
Compatibility: Wildcard certificates may not work seamlessly with older server-client configurations.

If customers decide to proceed, they can go ahead with the process depending if this is a new installation or a renewal.

As per KBA 2528548 new SSL requests must be submitted by implementation partners directly via the Operations portal. Support will not process these.

For SSL renewals, customers can submit a support ticket for processing.

See Also

2231401 - Certificate Renewal - Recruiting Marketing

2528548 - Partner Resources for Career Site Builder Implementations - Recruiting Marketing

Keywords

Wildcard, Certificate, SSL, CSR, RMK, Renew, Recommendation , KBA , csg_q , LOD-SF-RMK-CER , Certificate Renewal, IP Address, Domain , LOD-SF-RMK-COR , RMK Core Platform , LOD-SF-RMK-ADM , Administration, Setting, Permissoin & RBP, RecruiterSyn , How To

Product

SAP SuccessFactors Recruiting all versions