This is a business decision only. * is a wild card and can be used with any IP address.
Some clients like to have a different SSL cert for each client for business reasons such as not being able to potentially use the SSL cert at another location.
You will have to decide which best suits your business/security needs.
obviously the wild card and single SSL cert is easier to maintain.
but if you have a requirement to redo your SSL certs once a year than probably having individual ones will work better for you so that when you change it out it only affects a single client at a time.
------------------------------
Gene Howard
Principal Support Engineer
Broadcom
------------------------------
Original Message:
Sent: 02-19-2020 02:05 PM
From: Keith Clay
Subject: Using '*' as common name for client certs on hubs
Folks,
We are having a discussion about the best way to setup client certs on a hub. The documentation says to use the IP. The training video on youtube shows using '*'.
Which is the best way to do this?