Get to know the important differences between an SSL & Wildcard SSL Certificate Multi-Domain (SAN)
We would have 32568642 pennies if we had a penny each time someone asked us the difference between the Multi-Domain (SAN) & Wildcard SSL Certificate. We don’t get kidding (Well, we are!). Jokes apart, one of our clients’ most asked questions is the difference between Multi-Domain (SAN) & Wildcard SSL Certificate. The reason behind this question is that they both pose a striking similarity at first glance. Some even consider it as being the same. Sure, they are not. Let’s get into why.
Multi-Domain (SAN) SSL Certificate
You can protect multiple domains using one single SSL certificate, as indicated in the name itself. Before SSL certificates existed for Multi-Domain (SAN), one had to purchase and install a separate certificate for each domain that he / she wanted to protect. One had to bear a substantial cost & time as a result of that cap. In addition, the administration of multiple certificates has become an even harder job. A certificate which he / she wanted to protect for each domain. Fortunately this is no longer a event. Using a single Multi-Domain (SAN) SSL certificate you can add multiple primary domains as well as multiple subdomains.
The SAN certificate for example will protect:
Wildcard SSL Certificate
The Wildcard SSL certificates are similar in nature to the SSL certificates for multidomain. There’s one important difference between them, however. Wildcard certificates protect several, not primary, sub-domains.
Domain & Sub domain forms Can be protected by Wildcard SSL:
|Multi Domain (SAN) SSL Certificate||Wildcard SSL Certificate|
|Multi Domain (SAN) SSL Certificates secure multiple primary domains as well as multiple sub-domains.||Wildcard SSL Certificates secure multiple sub-domains.|
|The number of domains that can be secured using Multi-Domain (SAN) SSL Certificate depends on the certificate authority. The maximum number of domains you can secure using a single SSL is 250.||Unlimited sub-domains can be secured using a single Wildcard SSL certificate.|
|The different domain names that are protected by the SAN certificate, must be defined and added at the time of the certificate purchase (though they may be substituted with other domain names later).||The different subdomains, which are protected with a Wildcard, may be selected at any time.|
|Multi-Domain (SAN) SSL Certificate comes with DV, OV and EV options.||The wildcard SSL only comes with domain validation (DV) and organization validation(OV).|
Compare Multi-Domain SSL and Wildcard SSL Certificate
|Features||GeoTrust Multi Domain SSL||Thawte Wildcard SSL|
|Domain Secured||Multiple Domain Names||Unlimited Subdomains|
|Root Domain Support||Single Domain Name + 4 Different SAN Included||Main Domain + All Sub-domains|
|Price for 1 Year||$278||$399|
|Price for 2 Year||$235.50/yr||$349/yr|
|Price for 4 Year||$221.96/yr||$323.46/yr|
|Issuance Time||1-3 business days||1-3 business days|
|SSL Encryption||up to 256-bit||up to 256-bit|
|CSR Key Encryption||2048 bits||2048 bits|
|Warranty by CA||$1,250,000 USD||$1,250,000 USD|
|Refund Policy||30 days||30 days|
|SAN / UCC Support||Yes||No|
Which one to select?
First of all, new certificate buyers should consider the level of protection they want for their website, because EV (Extended Validation) SSL can only apply to SAN SSL certificates and not to Wildcard certificates. EV SSL has gained increasing popularity as it provides the highest standard of protection through a rigorous validation / verification process required by the CA / Browser Forum.
One big concern about Wildcard certificates is that all subdomains are at risk if one of the subdomains is compromised. While this worst-case scenario should be considered, however, an online business owner should not be deterred from taking advantage of this helpful certificate if it truly and adequately meets their needs. The prices on both of these certificates will vary and every e-commerce owner should get as much protection as they can with their money without having to go overboard due to ‘possible’ pitfalls. Although, many owners simply prefer SAN certificates because they use different domain names to protect internal and external networks.
Obviously both certificates allow the owner of the online business to extend protection with one certificate in multiple areas. It thus depends on which direction the owner wishes to extend that protection. If they are uncertain as to whether they want, or need, different domain names in the future, but are currently confident that they need multi-level security now, they will look to buy a SAN certificate to use to keep the option open. Before making a commitment to buy a wildcard for a year, the owner should decide whether they want the ability to protect all their needs with the wider SAN certificate (which will also allow them to change the domain names more easily and remove the risk of waiting for any certificates to expire before upgrading). It all depends on what the owner is worth of the right.
Compatibility with wildcard & SAN
Upon reviewing various blog posts by new users of certificates, the majority seem to have achieved greater compliance with the SAN certificates. Many certificate buyers have raised concerns that Wildcards might not operate with older mobile devices, POP / IMAP issues, and Outlook Anywhere compatibility issues as well. Having said that, there were not many detailed explications describing the encounters experienced. Any online business owner interested in finding out more about any possible problems with these various certificates should speak to other SSL purchasers or an SSL expert.
Need the best of the two? Multidomain wildcard certificates might be what you’d like. They securing all subdomains automatically for multiple domains you choose. Purchase COMODO Multi-Domain WildCard SSL Certificate with a big 50 per cent discount from SSL Renewals as an official COMODO affiliate.