Website data breaches and security threats have hit alarming heights. No single day passes without hearing of a data breach. Small and large business owners are growing paranoid day after day. Reason? The cost of a cyber-attack is too high.
However, I have reason to believe that there is no need to be afraid. All you need to be is prepared. Have proper mechanisms that will stunt any possible attempts by a cybercriminal to breach your website and other digital resources.
The certificate encrypts all your communication and data files that are passed between your servers and your users. Once encrypted, the communication between you and your servers will be turned into undecipherable gibberish which will only be accessed by the intended party.
Apart from just encrypting the information, the SSL certificate will also earn your client’s trust, which is a critical ingredient in building a strong brand.
Is it possible to have a single SSL certificate for multiple domains?
The answer to this question is a strong YES! Long gone are the times when you will need to purchase a single certificate for all your domains.
This will save your time and money spent on buying multiple certificates from different vendors.
To understand how securing multi-domains with just a single certificate is possible, you need to have proper knowledge about the different types of SSL certificates that can be used to secure multiple domains.
Types of Multi-domain SSL Certificates
Three different types of SSL certificates can be used to secure multiple domains. They are:
The three will be discussed in detail later in this article. For now, let us look at how encryption works for Multi-domain SSL certificates.
How Encryption Works for Multi-Domain Certificates?
All types of SSL certificates offer the same level of encryption. So you will not have to worry about the security of your data as long as you have acquired the certificate from a trusted Certificate Authority.
SSL encryption occurs through the use of public-key cryptography. Public key cryptography is made up of two keys; the public and the private key. The two keys are tasked with encryption and decryption roles.
When a user connects to a service, say a website that has an SSL certificate, the application of the user will request a public key of the server in exchange for its public key.
The exchange of public keys between the users’ browser and your servers enables each party to encrypt messages which only the other party can decrypt.
When your website visitor or client sends you a message, the application will use the public key from your servers to encrypt the message.
Once the server receives the message from the user, it will decrypt it by using its private key.
All the feedback and messages that are sent back to the client’s side will undergo a similar encryption process.
Encryption decodes the data, scrambling it, and making it incomprehensible. It attempts by a hacker to try and intercept the communication will be fruitless.
Let us now look into the different types of multi-domain SSL certificates and how they are different from one another.
The Multi-Domain SSL certificate is commonly referred to as a SAN certificate. SAN is a short form for Subject Alternative Name. The SAN certificate will allow a user to attach extra hostnames to a single SSL certificate.
The hostnames can be URLs and Domain Name System (DNS) names. Whenever a website user tries to access a website that has a Multi-Domain SSL certificate, the browser of the user will check the SSL certificate to establish whether the URL of the address matches one of the Subject Name Alternative names that are contained within. If that is the case, then a secure connection will be initiated.
A Multi-Domain SSL certificate is bound to protect up to 100 different domains and subdomains (depending on the provider). It is, therefore, the appropriate type of SSL for businesses that have multiple websites or run different versions of websites in various geographic locations. It will save on the costs that would have been spent to acquire a different type of SSL certificate for every website version and subdomain. It will also save you time that would have been wasted while renewing every single certificate for different domains and multi-Domains.
Wildcard SSL Certificates
Wildcard SSL certificates are a bit different from Unified Communication Certificates and Multi-Domain certificates in that. In contrast, the two secure multiple domains, Wildcard certificates only secure multiple subdomains for a single domain. They are hence an incredible and multipurpose certificate option as you only need a single certificate to secure an unlimited number of subdomains.
Just like Multi-domain/SAN certificates, Wildcard SSL certificates will save you from the unnecessary costs of having to acquire a single certificate for every subdomain. They will also eliminate time wastages associated with managing the multiple numbers of SSL certificates.
Unified Communication Certificates
A Unified Communication certificate is at times referred to as a Microsoft Exchange SSL certificate. As the name suggests, the certificates are designed specifically for Microsoft Exchange servers as well as office communication servers.
The use of Unified Communication Certificates could also be an effective way of providing certification for multiple websites, Fully Qualified Domains, and web pages under single certificate management.
Depending on the Certificate Authority from which a user acquires the UCC certificates, the user will be able to secure up to 250 domains (depending upon provider). Because it allows a user to secure multiple domains by just using a single SSL certificate, it will save time and resources for the user.
It is, therefore, a cost-effective certificate that you should start considering going for.
Multi-Domain/SAN Certificates Vs Wildcard Certificate
Similar as they might seem, the Multi-Domain SSL certificate and Wildcard certificate differ at some levels. Multi-domain/SAN certificate usually takes a single certificate to secure multiple domains and subdomains.
On the other hand, a single Wildcard certificate will secure an unlimited number of subdomains up to a particular level.
The wildcard SSL certificate has no extra charges on the number of subdomains the certificate will protect, whatsoever, on the number of subdomains that will be protected by a single SSL certificate.
With the Multi-domains SSL certificate, the specific domain names that will be protected must be added at the time when the SSL certificate is acquired from the certificate authority and for further addition, each domain will cost you. In the case of a wildcard SSL certificate, additional subdomains can be added or detached at any time.
The last differentiating aspect between the two multi-domains certificates is the level of validation. Whereas the multi-domain SSL certificate is available for all levels of validation (Domain Validation, Organizational Validation, and Extended Validation), the Wildcard certificate is only available for the Domain Validation and Organization Validation.
As for making a choice between which type of certificate to go for, well, it will depend on your needs. If you want to protect multiple domains, then a SAN certificate will be the best option. If, on the other hand, you need to secure several subdomains on your primary domain, then the Wildcard certificate will be a good fit for you.
UCC Certificate Vs Wildcard Certificate
Let us now look at the differences between the UCC certificate and the Wildcard certificate and know the best and ideal option that you should choose. With the Unified Communication Certificate, a single certificate could protect up to 250 domains and subdomains. It is ideal for securing Microsoft exchange services like owa, outlook, mail, exchange Server, autodiscover, and MS Lync server.
For the UCC certificate, the number of domains that will be secured by a single SSL certificate will be defined by the certificate authority issuing the certificate. On the other hand, a wildcard certificate will have no limits on the number of subdomains that can be covered by a single SSL certificate.
For UCC, all domain names to be secured by the certificate must be added when the certificate is purchased. In the case of a Wildcard certificate, the user is at liberty to add or remove subdomains at any time.
Lastly, the UCC certificate is usually available for all three levels of validation- Domain Validation, Organizational Validation, and Extended Validation. On the contrary, the wildcard certificate is only available for Domain Validation and Extended Validation.
That said, the decision on which type of multi-domain to go for between the UCC and the wildcard certificate will depend on your business needs. If you need to protect multiple domains in a Microsoft Exchange context, then the UCC is your option. If you need to secure several subdomains using a single certificate, then the wildcard certificate is your option.
The three types of multi-domain SSL certificates explained in this article will do the job for you. The decision on whether to choose a Multi-Domain/SAN certificate, Wildcard SSL Certificate, or UCC Certificate will depend on your business needs and the number of domains and subdomains that you wish to protect. This article has covered the three types of multi-domain certificates, given the differences between them and the decision criteria on which type to choose in different circumstances.