What is Multi Domain Wildcard SSL and How Does It Work?

If you need to get an SSL/TLS certificate for more than one domain and multiple levels of subdomains, the multi-domain wildcard SSL certificate would be the perfect fit for your business. It takes away the hassles of managing multiple certificates for your entire portfolio of websites.

How a Multi Domain Wildcard SSL Certificate Differs from Other SSL Certificates

Still not quite sure how it all works? Let’s consider the following example:

Our friend Bob is a very successful businessman and has multiple websites for different lines of business with various subdomains. Ever since Google decided to flag HTTP websites as “not secure,” his business has seen a loss in customers because not all his websites have transitioned to HTTPS. He is extremely flummoxed with the whole situation of issuing, managing, and reissuing certificates and is looking for a simple solution to his problem.  

Bob already has the following domains and subdomains with the intention of adding more in the future:

• www.site1.com
• blog.site1.com
• products.site1.com
• order.site1.com
• dev.blog.site1.co.uk
• test.blog.site1.com
• www.site2.org
• dev.blog.site2.com
• test.blog.site2.com
• blog.site2.ca
• products.site2.com
• order.site2.com
• www.site3.com
• www.site4.net
• www.site5.com

Instead of purchasing a single certificate for each, or one for each domain, Bob decides to use a multi domain wildcard SSL certificate. The certificate has subject alternative name (SAN) domain fields that he uses to lists the following as SANs

• *.site1.com (secures blog.site1.com, products.site1.com, order.site1.com, etc.)
• *.blog.site1.com (secures dev.blog.site1.com, test.blog.site1.com, etc.)
• *.site2.com
• *.blog.site2.com
• *.site3.com
• *.site4.net
• *.site5.com

Unlike  a regular multi domain/SAN SSL certificate, you don’t need to redeploy the certificate each time you add a server to the list. For example, Bob can add blog.site3.com or tech.site3.com since it fits into the *.site3.com rule. Bob, however, didn’t add multiple levels to the rule, so if he needs to add dev.blog.site3.com or project.blog.site3.com, he would have to add that as a SAN. For a new domain, if it is in the same organization, there’s no need to go through the organization validation process again. However, the domain will be verified before it can be added to the certificate.

Features of a Multi Domain Wildcard SSL Certificate

Multi domain wildcard SSL certificates offer the same level of encryption as other SSL/TLS certificates. The difference between certificates varies in terms of their levels of validation and functionalities.

Listed below are the features of multi domain wildcard SSL certificates:

• Include 256-bit strong encryption with 2048-bit RSA signature key.
• Supports domain validation (issued within minutes) as well as organization validation (which typically takes one to three days)
• One certificate that covers multiple domains and an unlimited number of multi-level subdomains
• SAN wildcard support enabled
• Includes a site seal
• Enable HTTPS and the secure site padlock icon
• Offer unlimited re-issuance
• Supported by all major client browsers and mobile devices
• Can be used on the same or multiple physical servers
• Reduces complexity by simplifying the certificate management process for small and large-scale industries
• Reduces the overall cost of enabling secure browsing across all the websites of the applicant’s business
• Some CAs include additional benefits with their certificates such as vulnerability assessments and unlimited server licenses
• Almost all CAs offer a warranty and refund policy for their multi domain wildcard SSL certificates

Key Considerations Before Purchasing a Multi Domain Wildcard SSL Certificate

Now that we understand what a multi-domain wildcard SSL has to offer let us look at some key points to keep in mind before we hit on add to cart.  

Common Name (CN) Domain

The certificate signing request (CSR) must have a non-wildcard entry as the common name. The wildcard version needs to be included as a SAN. For example,

• Common Name: www.domain.com
• SAN 1: *.domain.com
• SAN 2: *.example.com
• SAN 3:  *.dev.example.com

Domain Name Visibility

This certificate will list separate domains together. This means that all of your domains will be visible to site visitors. If you don’t want site visitors to see them for any reason, then this certificate is not a viable option.

WWW vs Non-WWW Domains

The certificate will not automatically secure the non- “WWW” versions of the wildcard domain entries.

Availability of Multi Domain Wildcard SSL Certificates

This product is offered by Comodo CA (powered by Sectigo).

Top Sectigo Multi-Domain Wildcard SSL Certificates of 2020

Features	PositiveSSL Multi-Domain Wildcard (DV)	Sectigo OV Multi-Domain Wildcard SSL Certificate	Sectigo OV UCC Wildcard SSL Certificate
Lowest Price	$159.20/yr	$639.20/yr	$639.20/yr
Domains Secured	Main Domain + Sub Domains	Main Domain + Sub Domains	Main Domain + Sub Domains
Validation Level	Domain Validation	Organization Validation	Organization Validation
SSL Encryption	up to 256-bit	up to 256-bit	up to 256-bit
Key Length	2048 bits	2048 bits	2048 bits
Notification Level in Browsers	Business name displayed on certificate details	Business name displayed on certificate details	Business name displayed on certificate details
Server License/td>	Unlimited	Unlimited	Unlimited
SSL Site Seal	Included	Included	Included
Reissue Policy	Unlimited	Unlimited	Unlimited
Warranty	$50,000	$1,000,000	$1,000,000
Refund Policy	30 Days	30 Days	30 Days
Wildcard Support	Yes	Yes	Yes
SAN / UCC Support	Yes	Yes	Yes
Browser Support	99%	99%	99%
OS Support [Desktop]	Yes	Yes	Yes
OS Support [Mobile]	Yes	Yes	Yes
Buy Now	View Product	View Product	View Product