Questions[ssl-certificate](server)

I ask this question, because Comodo are telling me that a wildcard certificate for *.example.com will also secure the root domain example.com. So with a single certificate, both my.example.com and example.com are secured without warning from a browser.

However, this is not the case with the certificate I've been provided. My sub-domains are secured fine and do not give an error, but the root domain throws up an error in the browser, saying the identify can't be verified.

When I compare this certificate to other similar scenarios, I see that in the scenarios that work without error, the Subject Alternative Name (SAN) lists both *.example.com and example.com, whereas the recent certificate from Comodo only lists *.example.com as the Common Name and NOT example.com as the Subject Alternative Name.

Can anyone confirm/clarify that the root domain should be listed in SAN details if it is also to be secured correctly?

When I read this: http://www.digicert.com/subject-alternative-name.htm It seems that the SAN must list both in order to work as I need it to. What's your experience?

Thanks very much.

I have a .cer certificate and I would like to convert it to the .pem format.

If I remember correctly, I used to be able to convert them by exporting the .cer in Base64, then renaming the file to .pem .

How do I convert a .cer certificate to .pem?

I am using Windows and have been given a .cer file. How can I view the details of it?

I want to download the ssl certificate from, say https://www.google.com, using wget or any other commands. Any unix command line? wget or openssl?

Is there any standard or convention for where SSL certificates and associated private keys should go on the UNIX/Linux filesystem?