Get to know the essential differences between a Multi Domain (SAN) SSL & Wildcard SSL Certificate
If we had a penny every time someone asked us the difference between Multi-Domain (SAN) & Wildcard SSL Certificate, we would have 32568642 pennies. We’re not kidding (Well, we are!). Jokes apart, the difference between Multi-Domain (SAN) & Wildcard SSL Certificate is one of THE most asked questions by our clients. The reason behind this question is the striking similarity they both pose at a first glance. Some even perceive them to be the same. Undoubtedly, they’re not. Let’s understand why.
Multi-Domain (SAN) SSL Certificate
As implied in the name itself, you can secure multiple domains using a single SSL certificate. Before Multi-Domain (SAN) SSL certificates existed, one had to buy and install a separate certificate for each domain he/she wanted to secure. As a result of this limit, one had to bear a significant cost & time. Moreover, managing numerous certificates was an even harder job. certificate for each domain he/she wanted to secure. Fortunately, this is not a case anymore. You can add multiple primary domains as well as multiple sub-domains using a single Multi-Domain (SAN) SSL certificate.
For example, the SAN certificate will protect:
Wildcard SSL Certificate
The Wildcard SSL certificates are similar in nature to the multi-domain SSL certificates. However, there is a fundamental difference between them. Wildcard certificates secure multiple sub-domains, not primary domains.
Domain & Sub domains types Wildcard SSL can secure:
|Multi Domain (SAN) SSL Certificate||Wildcard SSL Certificate|
Which one to choose?
New certificate buyers should first consider the level of protection that they desire for their website because EV (Extended Validation) SSL can only be applied to the SAN SSL certificates and not the Wildcard certificates. EV SSL has been increasingly gaining popularity because it offers the highest standard of protection through a stringent validation/verification process required by the CA/Browser Forum.
One major concern about Wildcard certificates is that if one of the subdomains is compromised, then all of the subdomains are at risk. However, while this worst-case scenario should be considered, an online business owner should not be deterred from benefitting from this helpful certificate if it truly and sufficiently meets their needs. The prices will vary on both of these certificates and every e-commerce owner should get as much protection as they can with their money without having to go overboard because of ‘possible’ pitfalls. Although, many owners simply prefer SAN certificates because they allow them to protect internal and external networks by using different domain names.
Obviously, both certificates allow the online business owner to extend protection in multiple areas with one certificate. Therefore, it depends on which direction that owner wants to extend that protection. If they are unsure about whether they want, or need, different domain names in the future, but they are currently sure that they need protection on multiple levels now, they may look at purchasing a SAN certificate to use in order to keep the option open. Before a commitment is made to Buy a Wildcard for a year, the owner should consider if they would like the opportunity to secure all of their needs with the broader SAN certificate (which would also allow them to more easily change the domain names and eliminate the possibility of having to wait for any certificates to expire before upgrading). It all depends on what that freedom is worth to the owner.
Wildcard and SAN compatibility
After reviewing numerous blog postings by new certificate users, it appears that the majority have experienced greater compatibility with the SAN certificates. Some certificate purchasers have voiced concerns of Wildcards not working as well with older mobile devices, POP/IMAP issues, and connectivity issues with Outlook Anywhere. With that being said, there were not very many specific explanations detailing the experiences encountered. Each online business owner that is interested in discovering more information about any potential issues with these different certificates should speak with other SSL purchasers or an SSL expert.