SSL Certificate and Subject Alternate Name (SAN)

If your host name has multiple DNS entries, rather than requesting separate SSL certificate for each host name you can request the Subject Alternate Name (SAN) to be included in your SSL request.

If this is your first time generating a CSR, you can include the SAN information in the CSR. This process has been automated via a python script by the technical staff at UC Berkeley. More information can be found here: https://wikihub.berkeley.edu/display/calnet/CalNet+InCommon-Comodo+Certificate+Service#CalNetInCommon-ComodoCertificateService-GenFAQ

Note: If you use the python script, please make necessary changes under the [ req_distinguished_name ] section in the script.

If you already have a SSL certificate issued and currently in use, a SAN can be added to existing cert without having to generate a CSR or to revoke existing cert. In this case, contact your CERT authority to make this arrangement.

This article assumes you are using InCommon-Comodo Certifcate Service. If you are using other Cert providers, please check with your vendor