How do Multi-Domain Wildcard SSL Certificates work?

Wednesday, April 26th, 2017

A Multi-Domain Wildcard SSL Certificate is specifically created to allow users to secure multiple domains and sub-domains using one single SSL Certificate.

NOTE #1: Any Multi-Domain Wildcard SSL Certificate should start with a non-Wildcard domain. This means that anytime you configure and request a Multi-Domain Wildcard SSL Certificate, you need to generate a CSR (Certificate Signing Request) for a single domain (such as: example.com), without any asterisk sign “*”. This is a requirement that comes from the Certificate Authorities. All the additional SANs (2nd, 3rd, 4th domains) can be Wildcard domains.

For example, a Multi-Domain Wildcard SSL Certificate that has 4 SAN (domains) by default, allows you to secure the following:

  1. One main domain and multiple Wildcard domains:
    1. example.com – included in the CSR (Certificate Signing Request)
    2. *.example.com
    3. *.mysite.com
    4. *.abcxyz.com
  2. One main domain and multiple Wildcard domains (with both, 1st level and 2nd level sub-domains):
    1. example.com – included in the CSR (Certificate Signing Request)
    2. *.example.com
    3. *.mob.example.com
    4. *.mysite.com
  3. Several domains and multiple Wildcard domains (with both, 1st level and 2nd level sub-domains):
    1. example.com – included in the CSR (Certificate Signing Request)
    2. *.example.com
    3. mysite.com
    4. *.mob.mysite.com

NOTE #2: If you add a SAN item like *.domain.com, you will protect its unlimited sub-domains but not the main domain. For example, if you want to secure secure two domains and all their sub-domains, you have to configure your SSL in the following format:

  1. domain.com – included in the CSR (Certificate Signing Request)
  2. *.domain.com
  3. mysite.com
  4. *.mysite.com

You can add sub-domains to your server and they will be covered by your Wildcard SSL Certificate automatically. You do not need to re-issue your Wildcard SSL Certificate each and every time when you add sub-domains to it. The newly added sub-domains will be automatically covered by your Wildcard SSL Certificate.

 

X
X