Ever since internet users have gained awareness about cyber-crimes and cyber-attacks, they have become more cautious towards using online services and surfing online sites. Business owners have religiously started using web security services to keep their sites and customer information secure. One of the most secured types of web securities comes in the form of SSL certificates.
About SSL Certificates:
SSL is the acronym of Secure Socket Layer. It is a digital web security certificate, which secures the browser – server communications by using the encryption method. Encryption makes the data communication completely non-readable and hence secures the same from prying eyes. These digital certificates use cryptographic keys to bind data digitally, thus allowing secure communication.
When a site has an SSL certificate installed on it, it shows visual trust indicators like HTTPS in the address bar and a padlock in the URL.
Various types of SSL certificates secure your website is in multiple ways. Some SSL certificates just secure the main domain, while some are meant to secure both domain and subdomain, while some SSL certificates secure multiple domains and sub-domains. Coming in different validations, these digital certificates, rule the web security world.
This article is dedicated to users who always ask this generic question:
“Can one SSL certificate cover multiple domains?
And the answer is “Yes”. Why not.
Gone are the days when businesses having multiple domains were needed to buy many SSL certificates, each securing a single domain, making it an expensive and time-consuming process. Over the coming years, more types of SSL certificates were added, giving a tailor-made solution to the business owners, with improved functionality and business-friendly management.
Currently, if you wish to secure multiple domains of your website, the options are:
- Multi-Domain SSL/SAN Certificate
- UCC Certificate
- Multi-Domain Wildcard SSL Certificate
How only One Single SSL Certificate Secures Multiple Domains?
Your choice of SSL certificate solely depends on your business web security needs, the domains which you need to be secured, and the number of sub-domains you wish to secure, including the ones you may need to add in the future. Let us check how the securities are provided by the above-mentioned certificates.
1. Multi-domain SSL/SAN SSL certificate:
A Multi-domain certificate or a SAN (Subject Alternate Name) SSL allows you to attach ample hostnames to a single SSL certificate. Though these hostnames include domain URLs, they are usually used for fully qualified domain names (FQDN).
One single multi-domain SSL certificate secures multiple domains as well as multiple sub-domains of all levels. All the domains or SAN names are mentioned in the SSL certificate.
Example:
Multi-domain SSL certificates secure various domains and sub-domains of the same company as www.mysite.com, www.mystuff.com, www.other.mystuff.com, www.otherstuff.net, etc.
This SSL certificate can secure both www and non-www versions and up to 250 domains. It can also easily add domains when required. This SSL is available in all three validations, i.e. Domain Validation (DV), Organisation Validation (OV), and Extended Validation (EV).
Encryption Process of Multi-Domain SSL Certificate:
Though SSL certificates have multiple types, they offer the same level of encryption security. Just ensure that your SSL certificate is bought from trustworthy CA’s recognized by the browser.
Whenever a browser arrives at a website on the request of the user, the server performs the SSL handshake process. It sends a client copy of the SSL certificate to the browser, for authentication as mentioned below.
- Validates the SSL certificate
- Inspects the revocation status
- Confirms the signature
- Checks the list of SANs against the one requested by the client (browser)
When any user attempts to access a site, which is secured with a multi-domain SSL certificate, the browser will automatically check whether the requested URL matches the list of SAN names or not. If the check is positive, a secured connection will be set up between the browser and the server.
Comodo Positive SSL Multi-domain (DV), GeoTrust Multi-domain (EV) are a few popular names.
2. UCC Certificate:
Unified Communication Certificate (UCC) function the same as multi-domain SSL, but this SSL are particularly designed for Microsoft Exchange Servers and Office Communication Servers.
The only drawback of Multi-domain SSL/UCC certificates is that each SAN costs. Free package along with SSL certificate includes only 2-4 free SANs.
Example: Comodo Exchange Server UCC SSL is very appropriate for all exchange servers & office communications servers like Live communications, Outlook, MS exchange services, etc. It is available at a very nominal rate at CheapSSLShop, as compared to the vendor rates.
3. Multi-Domain Wildcard SSL Certificate:
If you want a single solution for multiple wildcard domains, Multi-Domain Wildcard Certificate is an ideal choice. It covers multiple websites on different IP addresses, including securing of all level sub-domains, this SSL certificate makes web security easy for business owners having multiple businesses. Cost management and time management are its advantages.
The above picture is a perfect example of a Multi-Domain Wildcard SSL certificate. The three websites of business are:
- *.example.com
- *.xyz.net
- *. anydomain.co.uk
If you want to secure subdomain of a subdomain, it can be possible with this certificate like *.blog.example.com, *.mail.example.com, etc.
A Wildcard SAN SSL has SAN names like:
- *.Example.com
- *.Xyz.net
- *. Anydomain.co.uk
This helps to secure multiple sub-domains with one SAN Wildcard Certificate. Even if the domains are spread on multiple servers, only one SAN Wildcard SSL certificate secures the entire digital business.
Benefits:
The most prominent advantages of this SSL are:
- Compatibility with browsers and mobile devices
- Can be used on multiple servers
- Instant addition, or modification of additional domains throughout the certificate lifespan
- Complete and thorough certificate management for all business sizes
- Increased efficiency in managing certificate, budget-friendly and cost-effective
Comodo Positive SSL Multi-Domain Wildcard helps reduce certificate management risk and is the best option for businesses having many websites.
Multi-Domain/SAN SSL Vs Multi-Domain Wildcard SSL:
Multi-Domain/SAN SSL | Multi-Domain Wildcard Certificate |
It secures up to 250 domains and unlimited subdomains at multiple levels. | It secures up to 100 domains and unlimited subdomains at multiple levels. No. of domains covered depends on the certificate provider. |
No asterisk is needed before the domain name in the SAN field of CSR. | An asterisk which is a wildcard character needs to be mentioned before the domain name in the SAN fields of the CSR. |
Example:
Domains like www.article.org, www.webmysite.com, www.example.com, etc. and subdomains like blog.mysite.com can be secured using one certificate. |
Example:
*.website.com, *.blog.website.com secure every subdomain at that level such as article.website.com, blog.website.com, case.website.com, etc. |
All the domain names which need SSL security should be added at the time of certificate purchase. For the addition, deletion, or modification of SANs, re-issuance of certificate is essential. | Addition, deletion, or modification of domains or subdomains can be done at any time. No re-issuances are needed for the same reason. |
This SSL is available in all levels of validations – DV, OV, and EV. | This SSL is available only in DV and OV levels of validation. Because it holds a wildcard character, EV level of validation is not available for this SSL certificate. |
Final Thoughts:
The choice of an SSL certificate completely depends on the domains and sub-domains which need to be secured for your digital business. It also depends on the addition of these in the future.
If you do not wish to add sub-domains in the future, Multi-Domain SSL is a perfect choice, but if additional sub-domains need to be added later on, the Multi domain Wildcard option is a classic choice.
Securing domains and sub-domains in Microsoft Exchange Server or Office Communications needs an unbeatable UCC Certificate.
So, go for the desired SSL security and secure your digital empire.