Multi Domain

All Business Validation Certificate Authorities Changes Code Signing Configuration CPAC CSR Code CSR Decoder CSR Generation Tutorials CSR Generator DigiCert Domain Validation Extended Validation General Install SSL Certificates Installation IP Address LEI Multi Domain Payments Private Key Renewal S/MIME Types Updates Wildcard
How do Multi-Domain Wildcard SSL Certificates work?

A Multi-Domain Wildcard SSL Certificate is specifically created to allow users to secure multiple domains and sub-domains using one single SSL Certificate.

NOTE #1: Any Multi-Domain Wildcard SSL Certificate should start with a non-Wildcard domain. This means that anytime you configure and request a Multi-Domain Wildcard SSL Certificate, you need to generate a CSR (Certificate Signing Request) for a single domain (such as: example.com), without any asterisk sign “*”. This is a requirement that comes from the Certificate Authorities. All the additional SANs (2nd, 3rd, 4th domains) can be Wildcard domains.

For example, a Multi-Domain Wildcard SSL Certificate that has 3 SAN (4 domains) by default, allows you to secure the following:

  1. One main domain and multiple Wildcard domains:
    1. example.com – included in the CSR (Certificate Signing Request)
    2. *.example.com
    3. *.mysite.com
    4. *.abcxyz.com
  2. One main domain and multiple Wildcard domains (with both, 1st level and 2nd level sub-domains):
    1. example.com – included in the CSR (Certificate Signing Request)
    2. *.example.com
    3. *.mob.example.com
    4. *.mysite.com
  3. Several domains and multiple Wildcard domains (with both, 1st level and 2nd level sub-domains):
    1. example.com – included in the CSR (Certificate Signing Request)
    2. *.example.com
    3. mysite.com
    4. *.mob.mysite.com

NOTE #2: If you add a SAN item like *.domain.com, you will protect its unlimited sub-domains but not the main domain. For example, if you want to secure secure two domains and all their sub-domains, you have to configure your SSL in the following format:

  1. domain.com – included in the CSR (Certificate Signing Request)
  2. *.domain.com
  3. mysite.com
  4. *.mysite.com

You can add sub-domains to your server and they will be covered by your Wildcard SSL Certificate automatically. You do not need to re-issue your Wildcard SSL Certificate each and every time when you add sub-domains to it. The newly added sub-domains will be automatically covered by your Wildcard SSL Certificate.

Copy Link

Can I secure multiple domains with a single certificate?

multi-domainYou can secure inexpensively and efficiently multiple domains and/or sub-domains with a Multi-Domain (SAN) SSL Certificate. Depending on the SSL Certificate brand and certificate product, the SAN cert will include a different number of additional domains at the price quoted on the SSL Certificate’s details page (see screenshot on the right).

You can find our full list of Multi-Domain (SAN) SSL Certificates at this link.

Copy Link

Can I secure site.com and www.site.com under 1 SAN?

multi-domain2When you buy or configure your Multi-Domain (SAN) SSL Certificate, please note that most Multi-Domain Certificates do not secure the domains with and without “www”. With other words if you want to secure both, example.com and www.example.com under one single Multi-Domain Certificate, that will be considered as two different domain names. The screenshot on the right shows you where you can find the attribute that tells you if your Multi-Domain Certificate secures both “www” and “non-www” under one single domain (SAN), or not.

Anyway, that is not a problem so as you cannot have the same website open both as www.example.com and as example.com. All website owners only choose one of these options and make the other option automatically re-direct to the other. For example, you can choose your website to always open at www.example.com and anybody who enters on example.com is automatically redirected to www.example.com. In this way, you only have to secure one domain, and that is: www.example.com.

Copy Link

Why is domain validation for multi-domain SSL so slow?

When you buy a multi-domain SSL Certificate and you include several domain names and/or sub-domains in it, the Certificate Authorities require you to pass the domain validation for each and every domain name and/or sub-domain that you included in your multi-domain SSL Certificate, and only after that, the multi-domain SSL Certificate will be issued to you.

POSSIBLE PROBLEM: Sometimes the email addresses, or your HTTP options, or the DNS records that you choose for your multi-domain certificate do not get set correctly when they reach the Certificate Authority. You will know that when you see that you only got one single domain validation message to your email address instead of getting several domain validation messages, or your multi-domain SSL Certificate’s status still shows as “Awaiting Validation (Full)” even though you passed the domain validation for one of the domains.

partner-order-idHOW TO FIX: There is an easy way to fix that, and that requires getting in contact with the Certificate Authority’s Validation Department. When you contact them, please provide them your “Partner Order ID” (see screenshot on the right), and then tell them about the domain validation method that you chose to go with: HTTP, DNS, or Email. If you chose to pass the domains validation by email, then double-check with the Validation Department representatives what email addresses are set in their system, and ask them to send you the domain validation messages to your desired email addresses.

Sectigo/GoGetSSL

Please call Sectigo Validation Department at +1 (888) 266-6361 or https://sectigo.com/support for the above-stated reasons. When you talk to them, you will need to provide them your “Partner Order ID”.

Thawte, GeoTrust, DigiCert

Please call Thawte, GeoTrust, DigiCert Validation Department at +1 (877) 438-8776 for the above-stated reasons. Please note that Thawte, GeoTrust, DigiCert are all owned by DigiCert, and they all have the same phone number provided above.  When you talk to them, you will need to provide the “Partner Order ID”.

Copy Link

Which Multi-Domain certificate shall I choose?

This article will help you determine which multi-domain SSL Certificate you should get. We have categorized the multi-domain SSL Certificates in 4 groups, and we would recommend you to read about each group and then choose a multi-domain SSL Certificate from the group that meets your preferences best:

  1. Domain validated multi-domain certificates. There are two certificates in this category: PositiveSSL Multi-Domain and SSL UCC DV. These certificates will secure your websites by making it open from a permanent HTTPS link, will display a padlock icon next to the URL bar, and will make your website show as “Secure” in all web and mobile browsers. These multi-domain certificates are the quickest and easiest to get, so as you only have to prove the domain ownership.
  2. Business validated multi-domain certificates & Extended validated multi-domain certificates. You need to have a registered company to be eligible for a business validated SSL Certificate. Besides the HTTPS link and the padlock icon near your website’s URL, the people who visit your website will be able to see your company name when they search whom the SSL Certificate was issued to, and they will also see your company name and address when they roll over or click on the dynamic site seal which comes with your SSL Certificate and which you can add to your website. This type of certificate is issued within 1-7 days.
  3. Multi-domain Wildcard certificates. These certificates allow you to secure one main domain and multiple wildcard domains using one single SSL Certificate. You can get a PositiveSSL Multi-Domain Wildcard SSL if you want a domain validated SSL, or a Multi-Domain Wildcard SSL if you prefer a business validated certificate. You can learn more about how multi-domain wildcard certificates work at this link.

Copy Link

What is a Multi-Domain or SAN SSL Certificate?

The Subject Alternative Name (SAN) SSL certificate, also called the Unified Communication Certificate (UCC) or the Multi-Domain SSL certificate was particularly developed to secure all your domains and subdomains by owning one single SSL certificate. This type of certificate ensures the security for both, your internal and external domains/subdomains and is fully compatible with your Microsoft Exchange products and Microsoft Office Communications Server.

UCC/SAN SSL certificates are not just easy to be managed but are the most cost-effective option. These certificates give you the opportunity to secure your main domain, for example, ssldragon.com, together with many other totally distinct domains, like ssldragon.net, ssldragonsslcertificates.com and its subdomains mail.ssldragon.com and account.ssldragon.com – all with 1 single certificate. Besides, unlike Wildcard SSL certificates, UCC/SAN certificates are available in all three validation methods: Domain Validation (DV), Business Validation (BV) and Extended Validation (EV).

You can find our full list of Multi Domain (UCC/SAN) SSL Certificates at this link.

Copy Link

Can I add another domain after the multi-domain SSL is issued?

The multi-domain certificate can be initially activated for the primary domain name.

If you wish to add more domains later, you need to reissue the certificate in your SSLDragon.com account, and add the SAN (additional domain) list in the SAN field, when reissuing.

If you need to add more domains than included by default, then please choose the Add More SANs option in order to pay for and activate the additional SANs.

Copy Link

Can I use an SSL Certificate for multiple domains on same IP address?

Yes, absolutely.

The Multi-Domain (UCC/SAN) SSL Certificate allows you to secure multiple domains or subdomains which are hosted either on one IP address or different IP addresses. This SSL Certificate type was particularly designed to secure multiple websites within one single SSL Certificate as an easy-to-use and cost-effective solution. 

Copy Link

Can I receive a refund for the unused domains on multi-domain certificate?

You can receive a refund ONLY for the additional domains (SANs) that you bought and NOT used.

If you have already activated the SAN (additional domain) for a particular domain name, then you cannot be refunded for that specific domain name.

Copy Link

What can I secure with a Multi-Domain (SAN) SSL Certificate?

multi-domainA Multi-Domain (SAN) SSL Certificate is specifically created to allow users to secure multiple domains and/or multiple sub-domains with one single SSL Certificate. Depending on the SSL Certificate product and brand, the certificate will include a different number of additional domains (called SANs) at the price quoted on the SSL Certificate’s details page (see screenshot on the right).

For example, a Multi-Domain (SAN) SSL Certificate that has 4 domains by default allows you to secure:

  • Four different domains:
    1. mysite.com
    2. example.com
    3. abcxyz.com
    4. demo123.com
  • Four different subdomains:
    1. my.example.com
    2. mail.example.com
    3. test.mysite.com
    4. account.mysite.com
  • Four different domains and subdomains:
    1. example.com
    2. my.example.com
    3. abcxyz.com
    4. mail.demo123.com

sanNOTE: Here is how you should configure your Multi-Domain SSL Certificate on our website: When you generate a CSR (Certificate Signing Request), please include one single domain name or sub-domain in it, such as: www.example.com. The rest of the domains or sub-domains, which are called SANs (2nd, 3rd, 4th domains or sub-domains) should be included in the fields for additional domains. You will see the fields for additional domains on the SSL Certificate configuration form, right under the text area for the CSR (see screenshot on the right).

Copy Link