Among all types of SSL certificates, Multi-Domain and Wildcard ones generate the most questions from new users. While regular SSL certs secure just the main domain and are pretty easy to understand, Multi-Domain and Wildcard products are in a different class: more powerful, more flexible, and more expensive than their single-domain counterparts.
Because both Multi-Domain and Wildcard certificates can secure multiple SANs (Subject Alternative Names), it’s easy to mix them up. In this article, we’ll compare the SAN certificate vs Wildcard SSL so that you can instantly tell one from another.
We’ll start with essential technical aspects, then move on to other key areas such as validation, extra features, and pricing.
Table of Contents
- What Is a Multi-Purpose SSL Certificate?
- What Is a Multi-Domain (SAN) SSL Certificate?
- What Is a Wildcard Certificate?
- Differences Between a Wildcard and a Multi-Domain Certificate
- Multi-Domain Wildcard SSL Certificates
- When to Use Wildcard Certificates and Multi-Domain SSL?
- Final Thoughts
What Is a Multi-Purpose SSL Certificate?
A multi-purpose SSL certificate is a type of SSL/TLS certificate that allows you to secure multiple domain names, subdomains, or server names with a single certificate. Wildcard and SAN SSL certificates fall into this category.
A regular SSL certificate secures a single domain name (e.g., yourdomain.com). However, if you have multiple domain names or subdomains, obtaining individual SSL certificates for each can be cumbersome and costly. Here’s where multi-purpose SSL certificates come in. With a multi-purpose SSL certificate, you can secure multiple domain names or subdomains using a single SSL certificate
What Is a Multi-Domain (SAN) SSL Certificate?
A Multi-Domain SSL Certificate, also known as a SAN (Subject Alternative Name) or UCC (Unified Communications Certificate) SSL Certificate, is a type of digital certificate that allows you to secure multiple domains or subdomains under a single installation. It provides encryption and authentication for up to 250 websites or hostnames under different domain names, all within one SSL certificate.
What Is a Wildcard Certificate?
A Wildcard Certificate secures one domain and all its subdomains at once. The wildcard character (*) is used in the certificate to represent any subdomain under the specified domain name. For example, if you have a Wildcard Certificate for *.yourdomain.com, it will secure not only yourdomain.com but also any subdomain under it, such as blog.yourdomain.com, shop.yourdomain.com, and so on. You can add unlimited subdomains anytime you need by simply reissuing the certificate.
Differences Between a Wildcard and a Multi-Domain Certificate
The main difference between a SAN certificate vs wildcard one is the number of domains and subdomains it can secure. Let’s have a closer look at how each type works.
What Do Multi-Domain and Wildcard Certificates Secure?
A multi-domain SSL certificate encrypts multiple domains under a single SSL installation. If you have two, three, or two hundred websites, one multi-domain cert is enough to secure them all. Moreover, the multi-domain certificate renews across all your domains, saving you precious time and money.
A typical multi-domain certificate comes with 3 domains by default, and you can secure up to 250 additional SANs on the checkout page.
Here’s how it works:
It can protect three different domains:
It can protect three different subdomains:
It can also protect three different domains and subdomains:
A Wildcard certificate protects your main domain along with unlimited subdomains under one SSL installation. No need to buy separate certs for each subdomain. A single Wildcard product will suffice. Best of all, you can add as many subdomains as you want, whenever you need and simply reissue your certificate to enable the encryption on the new subdomain.
Here’s how wildcard SSL works:
It secures your main domain, for instance: yourdomain.com, and all its subdomains. For example:
SAN vs. Wildcard Certificates Configuration
Configuring your Multi-Domain certificate is easy. During the CSR (Certificate Signing Request) generation, specify your first domain. For example, yourdomain.com. Right under the CSR text area, in the additional domains’ fields (SANs), add the rest of the domains or subdomains you want to protect.
As for Wildcard certificates, when requesting one, add an asterisk in front of your FQDN (fully-qualified domain name) during the CSR generation. For example, *.yourdomain.com.
SAN vs. Wildcard SSL Validation
When it comes to validation methods, Multi-Domain certificates excel. You can get DV Multi-Domain certs, BV Multi-Domain products, and even premium EV Multi-Domain certificates. Whether you want to secure a couple of basic websites or a network of complex e-stores, Multi-Domain SSL can do that.
Wildcard certificates, on the other hand, can protect only Domain and Business validated websites. Extended Validation Wildcard certificates don’t exist and for a good reason. There are too many security vulnerabilities associated with a potential EV Wildcard certificate.
Extended Validation was specifically designed to provide the utmost level of trust and is subject to lengthy verification procedures. CAs would have to verify the identity of each subdomain for the EV Wildcard to work, and they don’t want to commit time and money to such a risky and exhausting endeavor.
Multi-Domain vs. Wildcard SSL Price
The price depends on several important factors but mainly on the validation method and brand. If you were to buy the cheapest SSL certificate from each category, you would spend less on a multi-domain product. The most affordable Multi-domain certificate is just $19,99 at SSL Dragon, while the least expensive Wildcard cert is $57.49. The price for multi-domain certs may rise if you add an additional domain on the checkout, but generally, DV and BV multi-domain certificates are cheaper than Wildcard products.
Multi-Domain Wildcard SSL Certificates
Both Multi-Domain and Wildcard SSL certificates offer amazing benefits for complex websites, networks, and systems. However, there’s also one type of SSL that offers the ultimate flexibility – Multi-Domain Wildcard certificates.
What Is a Multi-Domain Wildcard SSL Certificate?
A Multi-Domain Wildcard SSL certificate is a versatile digital cert that secures multiple domains and all their subdomains under a single SSL installation. It combines the features of multi-domain and wildcard SSL certificates to offer the ultimate SSL protection to complex websites.
How Does Multi-Domain Wildcard SSL Certificate Work?
Here’s how this one-of-a-kind product works:
It can secure one main domain and multiple Wildcard domains. For example:
- youdomain.com (specified in your CSR)
It can encrypt one primary domain and several Wildcard domains (with both first-level and second-level subdomains). For example:
- youdomain.com (specified in your CSR)
It can protect multiple domains and several Wildcard domains (with both first-level and second-level subdomains:
- yourdomain.com (specified in your CSR)
Due to their versatility, Multi-Domain Wildcard certificates are trickier to configure. Please note, when you add a SAN item such as *.yourdomain.com, you secure its unlimited subdomains, but not the domain itself. To encrypt all your domains and subdomains, you’ll have to configure the Multi-Domain Wildcard SSL cert the following way:
- youdomain.com (specified in your CSR)
- *.yourdomain.com (for all subdomains)
- *.yourseconddomain.com (for all subdomains)
When to Use Wildcard Certificates and Multi-Domain SSL?
Let’s say you have a website with the domain yourdomain.com, and you want to secure multiple subdomains like blog.yourdomain.com, shop.yourdomain.com, and mail.yourdomain.com. Instead of spending a fortune on separate SSL certificates for each subdomain, you can use a wildcard certificate for *.yourdomain.com. The certificate will be valid for any subdomain under yourdomain.com.
In the case of a multi-domain SSL certificate, suppose you have an online business with multiple websites, such as website1.com, website2.com, and website3.com. Instead of getting SSL certificates for each domain, you can secure them all with a multi-domain certificate.
In summary, wildcard certificates secure multiple subdomains under a single domain, while multi-domain SSL certificates protect different domain names under one installation. This statement alone is enough to answer the what is the difference between a wildcard certificate and a multi-domain cert question.
Multi-Domain and Wildcard certificates are a great example of SSL management efficiency. Besides saving time and money, they protect websites of all sizes against malicious cyber-attackers. Hopefully, this multi-domain certificate vs wildcard SSL comparison has helped you better understand the differences and similarities between these two types of SSL certificates.