SSL/TLS certificates play a significant role in web security. Most business owners are moving their websites to HTTPS in part due to Google’s initiative to flag sites not using SSL/TLS certificates as “not secure,” and because they see the benefits of installing an SSL/TLS certificate on their web servers.
With cyber-crime on the rise, using SSL/TLS certificates is integral to building trust with users and taking a step toward improved digital security. SSL/TLS certificates ensure that the communication channel between your client browser and the server you’re connecting to is encrypted. Over an encrypted channel, if an attacker tries to sniff your traffic, they would end up with garbled information that is unintelligible and practically useless.
A multi domain SSL certificate is a single certificate that you can use to secure multiple domains (or subdomains if you list them as SANs). A wildcard SSL certificate, on the other hand, secures only your primary domain and unlimited subdomains at a single level.
Multi Domain SSL/TLS Certificates
Multi domain SSL/TLS certificates, also called unified communications certificates (UCC) or subject alternative name (SAN) certificates, secure multiple fully-qualified domain names (FQDNs).
Consider the following example:
Bob is a serial entrepreneur with multiple lines of business. He has a different website for each of these businesses, and he wants to use HTTPS on all of them without the hassles of managing multiple SSL/TLS certificates. Suppose he wants to secure the following websites:
With a SAN certificate, he can secure all of these sites by citing them as SANs on a single certificate.
Secure Up to 250 Multiple Domains with One Multi Domain SSL – Save 50%
Save 50% on Sectigo Multi Domain SSL Certificates. It includes unlimited server licenses, reissuances, 256-bit encryption, and more.
Wildcard SSL/TLS Certificates
With a wildcard SSL certificate, you can secure unlimited subdomains using one certificate at a single level. Consider Bob from our previous example. Let’s say he purchased a domain named www.site5.com. Now, suppose www.site5.com has multiple sub-domains:
- dev.site5.com, etc.
With a wildcard SSL certificate for *.site5.com, Bob can secure music.site5.com, order.site5.com, collection.site5.com, dev.site5.com, etc. The asterisk is used to specify one particular level that it can secure, not multiple levels. For example, a certificate for *.site5.com will not secure test.dev.site5.com. You would need a separate wildcard SSL certificate to secure second-level subdomains (*.dev.site5.com).
Secure Unlimited Subdomains with One Wildcard SSL Certificate – Save 50%
Save 50% on Sectigo Wildcard SSL Certificates. It includes unlimited server licenses, reissuances, 256-bit encryption, and more.
Multi-Domain SSL vs Wildcard SSL
The table below highlights the differences between multi domain (SAN) SSL certificates and wildcard SSL certificates:
|Multi Domain SSL||SSL Wildcard Certificate|
|A single certificate for multiple domains and subdomains.||A single certificate for an unlimited number of subdomains at a specific level.|
|Limitations on the number of domains covered are defined by the issuing certificate authority.||No limits on the number of subdomains covered.|
|Example: www.website.com, blog.website.com, www.website.org, www.example.com, etc. can all be secured using one certificate.||Example: *.site.com secures every subdomain at that level such as order.site.com, blog.site.com, etc.|
|The different domain names to be secured must be defined and added at the time the certificate is purchased.||Additional subdomains can be added or removed at any time.|
|Available for all levels of validation – DV, OV, and EV.||Available for DV and OV levels of validation only. EV is not an option for wildcard certificates.|
As far as making a choice between the two certificates is concerned, it depends on your business needs. If you need to secure multiple domains, a multi-domain (SAN) SSL certificate would be a good fit. If, on the other hand, your business has numerous subdomains all at the same level on your primary domain, you could choose a wildcard SSL certificate instead.
There is a third option: using a multi domain wildcard SSL certificate, which combines the utility of both types of certificates. With this option, you can choose to secure multiple domains and an unlimited number of multi-level subdomains.