Amazon SOA-C02 Exam: Valid Domain Names for ACM Certificate with Wildcard *.example.org

Valid Domain Names with Wildcard *.example.org

Question

You have deployed a web-server on EC2 instance with domain name as example.org.

Since there are many subdomain created, you plan to use wildcard name with domain while creating these certificates using Amazon Certificate Manager.

Which of the following are valid Domain Names which will be supported using an ACM certificate with wildcard *.example.org? (Select Two).

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D. E.

Correct Answers: A and D.

ACM supports wild card names while creating certificates.

With an Asterix (*)in the leftmost part of the domain, it supports any subdomain up to 1 level.

In the above case, wildcard *.example.org will protect the following sub-domains abc.example.org & login.example.org.

It will not protect an apex domain example .org& two levels of sub-domain.

Option B is incorrect as *.example.org will protect the sub-domain for example.org & not example.com.

Option C is incorrect as *.example.org will not protect the apex domain, example.org.

For the apex domain, a separate certificate needs to be added.

Option E is incorrect as Wildcard name *.example.org supports only one level of sub-domains & not 2 levels.

For more information on Amazon Certificate Manager, refer to the following URLs-

https://docs.aws.amazon.com/acm/latest/userguide/acm-certificate.html

Sure, I can explain it in detail.

Amazon Certificate Manager (ACM) is a service that lets you easily provision, manage, and deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services and your internal connected resources.

When you create a wildcard SSL/TLS certificate, it allows you to secure all subdomains under a single domain. In this case, the domain name is example.org and the wildcard name is *.example.org.

Now, let's look at the options provided in the question and determine which ones are valid Domain Names that will be supported using an ACM certificate with a wildcard *.example.org.

Option A: abc.example.org - This is a valid subdomain of example.org, so it will be supported by the ACM certificate with a wildcard *.example.org.

Option B: example.com - This is a different domain altogether and not a subdomain of example.org, so it will not be supported by the ACM certificate with a wildcard *.example.org.

Option C: example.org - This is the primary domain that the ACM certificate is issued for, so it will be supported by the ACM certificate with a wildcard *.example.org.

Option D: login.example.org - This is a valid subdomain of example.org, so it will be supported by the ACM certificate with a wildcard *.example.org.

Option E: error.login.example.org - This is a valid subdomain of login.example.org, but it is not a direct subdomain of example.org, so it will not be supported by the ACM certificate with a wildcard *.example.org.

Therefore, the valid Domain Names which will be supported using an ACM certificate with a wildcard *.example.org are option A (abc.example.org) and option D (login.example.org).