Until recently I've been making my own certificates for publishing xbap(ye ye I known, stuck in the world of LOB ;) ) applications on a wide range of servers and domains. I now need to change to using certificates from a trusted CA.
Back in the day I played around with java, I mean to recall that certificates for both ssl and code signing was bound to the domain.
IE if you had the domain foo.com and changed to foobar.org you needed to change certificates and also the namespace of the packages from com.foo.* to org.foobar.*
Anyways; Does this rule also apply to xbap applications(excluding namespace)? Will I need a certificate for each domain for code signing for full-trust? Or is it independent of domains?
Will my xbap application deployed to foo.com need another certificate than the one deployed to foobar.org, for having fulltrust with no hassle for the end user?
Brgds, Stian
Answering my own question here:
Code signed certificates are not domain bound.
ssl is domain bound. Wildcard certificates may be used for sub domains. But one may get certificates covering multiple domains, but the "owning" company's information will be present in those certificates.
Already answered @ msdn, but I'd just like to close cases here.
Brgds, Stian