Multi Domain Certificates

The Subject Alternative Name (SAN) SSL certificate, also called the Unified Communication Certificate (UCC) or the Multi-Domain SSL certificate was particularly developed to secure all your domains and subdomains by owning one single SSL certificate. This type of certificate ensures the security for both, your internal and external domains/subdomains and is fully compatible with your Microsoft Exchange products and Microsoft Office Communications Server.

UCC/SAN SSL certificates are not just easy to be managed but are the most cost-effective option. These certificates give you the opportunity to secure your main domain, for example, ssldragon.com, together with many other totally distinct domains, like ssldragon.net, ssldragonsslcertificates.com and its subdomains mail.ssldragon.com and account.ssldragon.com – all with 1 single certificate. Besides, unlike Wildcard SSL certificates, UCC/SAN certificates are available in all three validation methods: Domain Validation (DV), Business Validation (BV) and Extended Validation (EV).

You can find our full list of Multi Domain (UCC/SAN) SSL Certificates at this link.

multi-domainYou can secure inexpensively and efficiently multiple domains and/or sub-domains with a Multi-Domain (SAN) SSL Certificate. Depending on the SSL Certificate brand and certificate product, the SAN cert will include a different number of additional domains at the price quoted on the SSL Certificate’s details page (see screenshot on the right).

You can find our full list of Multi-Domain (SAN) SSL Certificates at this link.

Yes, you can receive a refund for the unused additional domains that you bought. If you have already activated the SAN for a particular domain name, than you cannot be refunded for that specific domain name, unless you accept to take off that SAN/domain from multi-domain certificate.

The multi-domain certificate can be initially activated for the primary domain name. If you wish to add more domains later, you need to reissue the certificate in your SSLDragon.com account.

multi-domainA Multi-Domain (SAN) SSL Certificate is specifically created to allow users to secure multiple domains and/or multiple sub-domains with one single SSL Certificate. Depending on the SSL Certificate product and brand, the certificate will include a different number of additional domains (called SANs) at the price quoted on the SSL Certificate’s details page (see screenshot on the right).

For example, a Multi-Domain (SAN) SSL Certificate that has 4 domains by default allows you to secure:

  • Four different domains:
    1. mysite.com
    2. example.com
    3. abcxyz.com
    4. demo123.com
  • Four different sub-domains:
    1. my.example.com
    2. mail.example.com
    3. test.mysite.com
    4. account.mysite.com
  • Four different domains and sub-domains:
    1. example.com
    2. my.example.com
    3. abcxyz.com
    4. mail.demo123.com

sanNOTE: Here is how you should configure your Multi-Domain SSL Certificate on our website: When you generate a CSR (Certificate Signing Request), please include one single domain name or sub-domain in it, such as: www.example.com. The rest of the domains or sub-domains, which are called SANs (2nd, 3rd, 4th domains or sub-domains) should be included in the fields for additional domains. You will see the fields for additional domains on the SSL Certificate configuration form, right under the text area for the CSR (see screenshot on the right).

multi-domain2When you buy or configure your Multi-Domain (SAN) SSL Certificate, please note that most Multi-Domain Certificates do not secure the domains with and without “www”. With other words if you want to secure both, example.com and www.example.com under one single Multi-Domain Certificate, that will be considered as two different domain names. The screenshot on the right shows you where you can find the attribute that tells you if your Multi-Domain Certificate secures both “www” and “non-www” under one single domain (SAN), or not.

Anyway, that is not a problem so as you cannot have the same website open both as www.example.com and as example.com. All website owners only choose one of these options and make the other option automatically re-direct to the other. For example, you can choose your website to always open at www.example.com and anybody who enters on example.com is automatically redirected to www.example.com. In this way, you only have to secure one domain, and that is: www.example.com.

A Multi-Domain Wildcard SSL Certificate is specifically created to allow users to secure multiple domains and sub-domains using one single SSL Certificate.

NOTE #1: Any Multi-Domain Wildcard SSL Certificate should start with a non-Wildcard domain. This means that anytime you configure and request a Multi-Domain Wildcard SSL Certificate, you need to generate a CSR (Certificate Signing Request) for a single domain (such as: example.com), without any asterisk sign “*”. This is a requirement that comes from the Certificate Authorities. All the additional SANs (2nd, 3rd, 4th domains) can be Wildcard domains.

For example, a Multi-Domain Wildcard SSL Certificate that has 4 SAN (domains) by default, allows you to secure the following:

  1. One main domain and multiple Wildcard domains:
    1. example.com – included in the CSR (Certificate Signing Request)
    2. *.example.com
    3. *.mysite.com
    4. *.abcxyz.com
  2. One main domain and multiple Wildcard domains (with both, 1st level and 2nd level sub-domains):
    1. example.com – included in the CSR (Certificate Signing Request)
    2. *.example.com
    3. *.mob.example.com
    4. *.mysite.com
  3. Several domains and multiple Wildcard domains (with both, 1st level and 2nd level sub-domains):
    1. example.com – included in the CSR (Certificate Signing Request)
    2. *.example.com
    3. mysite.com
    4. *.mob.mysite.com

NOTE #2: If you add a SAN item like *.domain.com, you will protect its unlimited sub-domains but not the main domain. For example, if you want to secure secure two domains and all their sub-domains, you have to configure your SSL in the following format:

  1. domain.com – included in the CSR (Certificate Signing Request)
  2. *.domain.com
  3. mysite.com
  4. *.mysite.com

You can add sub-domains to your server and they will be covered by your Wildcard SSL Certificate automatically. You do not need to re-issue your Wildcard SSL Certificate each and every time when you add sub-domains to it. The newly added sub-domains will be automatically covered by your Wildcard SSL Certificate.

 

This article will help you determine which multi-domain SSL Certificate you should get. We have categorized the multi-domain SSL Certificates in 4 groups, and we would recommend you to read about each group and then chosee a multi-domain SSL Certificate from the group that meets your preferences best:

  1. Domain validated multi-domain certificates. There are two certificates in this category: Comodo PositiveSSL Multi-Domain and Comodo SSL UCC DV. These certificates will secure your websites by making it open from a permanent HTTPS link, will display a green padlock icon next to the URL bar, and will make your website show as “Secure” in all web and mobile browsers. These multi-domain certificates are the quickest ad easiest to get, so as you only have to prove the domain ownership.
  2. Business validated multi-domain certificates. You need to have a registered company to be eligible for a business validated SSL Certificate. Besides the HTTPS link and and the green padlock icon near your website’s URL, the people who visit your website will be able to see your company name when they search whom the SSL Certificate was issued to, and they will also see your company name and address when they roll over or click on the dynamic site seal which comes with your SSL Certificate and which you can add to your website. This type of certificates are issued within 1-3 days.
  3. Extended validated multi-domain certificates. These certificates are considered to be the highest standard in the SSL Certificates industry. They have all the other security elements described above, plus the famous green bar which shows the name of your company directly in the browser’s URL bar. This type of certificates are issued within 1-7 days.
  4. Multi-domain Wildcard certificates. These certificates allow you to secure one main domain and multiple wildcard domains using one single SSL Certificate. You can get a Comodo PositiveSSL Multi-Domain Wildcard SSL if you want a domain validated SSL, or a Comodo Multi-Domain Wildcard SSL if you prefer a business validated certificate. You can learn more about how multi-domain wildcard certificates work at this link.

When you buy a multi-domain SSL Certificate and you include several domain names and/or sub-domains in it, the Certificate Authorities require you to pass the domain validation for each and every domain name and/or sub-domain that you included in your multi-domain SSL Certificate, and only after that the multi-domain SSL Certificate will be issued to you.

POSSIBLE PROBLEM: Sometimes the email addresses, or your HTTP options, or the DNS records that you choose for your multi-domain certificate do not get set correctly when they reach the Certificate Authority. You will know that when you see that you only got one single domain validation message to your email address instead of getting several domain validation messages, or your multi-domain SSL Certificate’s status still shows as “Awaiting Validation (Full)” even though you passed the domain validation for one of the domains.

partner-order-idHOW TO FIX: There is an easy way to fix that, and that requires getting in contact with the Certificate Authority’s Validation Department. When you contact them, please provide them your “Partner Order ID” (see screenshot on the right), and then tell them about the domain validation method that you chose to go with: HTTP, DNS or Email. If you chose to pass the domains validation by email, then double check with the Validation Department representatives what email addresses are set in their system, and ask them to send you the domain validation messages to your desired email addresses.

Comodo

Please call Comodo Validation Department at +1 (888) 266-6361 (Ext 4) for the above stated reasons. When you talk to them, you will need to provide them your “Partner Order ID”.

Thawte, GeoTrust, Symantec/VeriSign

Please call Thawte, GeoTrust, Symantec/VeriSign Validation Department at +1 (520) 477-3152 (Ext 2) for the above stated reasons. Please note that Thawte, GeoTrust, Symantec/VeriSign are all owned by Symanec, and they all have the same phone number provided above.  When you talk to them, you will need to provide the “Partner Order ID”.