Difference between Multi Domain (SAN) & Wildcard SSL Certificate

1 Star2 Stars3 Stars4 Stars5 Stars (8 votes, average: 4.25 out of 5)
Loading...

Get to know the essential differences between a Multi-Domain (SAN) SSL & Wildcard SSL Certificate

If we had a penny every time someone asked us the difference between Multi-Domain (SAN) & Wildcard SSL Certificate, we would have 32568642 pennies. We’re not kidding (Well, we are!). Jokes apart, the difference between Multi-Domain (SAN) & Wildcard SSL Certificate is one of THE most asked questions by our clients. The reason behind this question is the striking similarity they both pose at a first glance. Some even perceive them to be the same. Undoubtedly, they’re not. Let’s understand why.

Multi Domain SSL vs Wildcard

Multi-Domain (SAN) SSL Certificate

As implied in the name itself, you can secure multiple domains using a single SSL certificate. Before Multi-Domain (SAN) SSL certificates existed, one had to buy and install a separate certificate for each domain he/she wanted to secure. As a result of this limit, one had to bear a significant cost & time. Moreover, managing numerous certificates was an even harder job. certificate for each domain he/she wanted to secure. Fortunately, this is not a case anymore. You can add multiple primary domains as well as multiple sub-domains using a single Multi-Domain (SAN) SSL certificate.

For example, the SAN certificate will protect:

  • www.example.com
  • www.example.net
  • www.examples1.com
  • www.examples2.com
  • www.SomethingCompletelyDifferent.com

Wildcard SSL Certificate

The Wildcard SSL certificates are similar in nature to the multi-domain SSL certificates. However, there is a fundamental difference between them. Wildcard certificates secure multiple sub-domains, not primary domains.

Domain & Sub domains types Wildcard SSL can secure:

  • mail.example.com
  • contact.example.com
  • sales.example.com
  • admin.example.com
Multi Domain (SAN) SSL CertificateWildcard SSL Certificate
Multi Domain (SAN) SSL Certificates secure multiple primary domains as well as multiple sub-domains.Wildcard SSL Certificates secure multiple sub-domains.
The number of domains that can be secured using Multi-Domain (SAN) SSL Certificate depends on the certificate authority. The maximum number of domains you can secure using a single SSL is 250.Unlimited sub-domains can be secured using a single Wildcard SSL certificate.
The different domain names that are protected by the SAN certificate, must be defined and added at the time of the certificate purchase (though they may be substituted with other domain names later).The different subdomains, which are protected with a Wildcard, may be selected at any time.
Multi-Domain (SAN) SSL Certificate comes with DV, OV and EV options.The wildcard SSL only comes with domain validation (DV) and organization validation(OV).

Compare Multi-Domain SSL and Wildcard SSL Certificate

FeaturesGeoTrust Multi Domain SSLThawte Wildcard SSL
Certificate Authority

GeoTrust

Thawte

Domain SecuredMultiple Domain NamesUnlimited Subdomains
Root Domain SupportSingle Domain Name + 4 Different SAN IncludedMain Domain + All Sub-domains
Price for 1 Year$278$399
Price for 2 Year$235.50/yr$349/yr
Price for 4 Year$221.96/yr$323.46/yr
Validation TypeOrganizationOrganization
Issuance Time1-3 business days1-3 business days
SSL Encryptionup to 256-bitup to 256-bit
CSR Key Encryption2048 bits2048 bits
Server LicenseUnlimitedUnlimited
Site SealDynamicDynamic
ReissueUnlimitedUnlimited
Warranty by CA$1,250,000 USD$1,250,000 USD
Refund Policy30 days30 days
SAN / UCC SupportYesNo
Wildcard SupportNoYes
Browser Compatibility99%99%
OS SupportYesYes
Smartphone SupportYesYes
 Buy NowBuy Now

Which one to choose?

New certificate buyers should first consider the level of protection that they desire for their website because EV (Extended Validation) SSL can only be applied to the SAN SSL certificates and not the Wildcard certificates.  EV SSL has been increasingly gaining popularity because it offers the highest standard of protection through a stringent validation/verification process required by the CA/Browser Forum.

One major concern about Wildcard certificates is that if one of the subdomains is compromised, then all of the subdomains are at risk. However, while this worst-case scenario should be considered, an online business owner should not be deterred from benefitting from this helpful certificate if it truly and sufficiently meets their needs. The prices will vary on both of these certificates and every e-commerce owner should get as much protection as they can with their money without having to go overboard because of ‘possible’ pitfalls. Although, many owners simply prefer SAN certificates because they allow them to protect internal and external networks by using different domain names.

Obviously, both certificates allow the online business owner to extend protection in multiple areas with one certificate. Therefore, it depends on which direction the owner wants to extend that protection. If they are unsure about whether they want, or need, different domain names in the future, but they are currently sure that they need protection on multiple levels now, they may look at purchasing a SAN certificate to use in order to keep the option open. Before a commitment is made to Buy a Wildcard for a year, the owner should consider if they would like the opportunity to secure all of their needs with the broader SAN certificate (which would also allow them to more easily change the domain names and eliminate the possibility of having to wait for any certificates to expire before upgrading). It all depends on what that freedom is worth to the owner.

Wildcard and SAN compatibility

After reviewing numerous blog postings by new certificate users, it appears that the majority have experienced greater compatibility with the SAN certificates. Some certificate purchasers have voiced concerns of Wildcards not working as well with older mobile devices, POP/IMAP issues, and connectivity issues with Outlook Anywhere. With that being said, there were not very many specific explanations detailing the experiences encountered. Each online business owner that is interested in discovering more information about any potential issues with these different certificates should speak with other SSL purchasers or an SSL expert.

Need the best of both? Multi-domain wildcard certificates may be what you want. They automatically secure all subdomains for multiple domains that you specify. Buy COMODO Multi-Domain WildCard SSL Certificate with a wide amount of 50% discount from SSL Renewals an official partner of COMODO.

Related Post: