rrinc wrote
Can I set a certificate's domain to use just * or is that a bad idea?
I'm resetting up my website (since I switched to my P3 Server) and this is pretty much the last thing left
You can generate a self-signed certificate which matches with any domain of the form xxx.yyy.zzz using:
*.*.*
To match with yyy.zzz form domain names: *.*
To match with domain names with a single component zzz: *
To have a certificate that matches with all these forms, have its common name set to:
* *.* *.*.*
This is a multiple value common name and will match with any of these domain names.
. I'm also wondering if there's an incompatibility with using 1024 or 2048 bit keys.
What kind of incompatibility are you referring to here? 2048 bit keys are just longer and more secure than 1024 bit keys. They also need more time to be generated and encrypting SSL connections with them needs more CPU ressources than with 1024 keys.