Wildcard SSL Or SAN SSL Certificate? Which SSL to Choose for your Website?
Wildcard SSL and multi domain certificate allow a single certificate for all your subdomains and domains. It will save time and cost in certificate management. But, if you are thinking to go with any of these certificates then, you need to understand few technicalities of both SSL certificates.
We bring a detailed comparison of both certificates that will help website holders to choose an ideal SSL certificate as per website’s requirement.
Wildcard SSL vs SAN SSL Certificates
Find actual difference between Wildcard SSL and SAN SSL Certificate.
|Wildcard SSL Certificate||Multi Domain SSL Certificate|
|Wildcard secures main domain and it’s unlimited subdomains.||Multi domain certificate secures different domains and subdomains.|
|The certificate is an ideal for unlimited subdomains and multiple servers.||The certificate is an ideal for up to 250 different domains (depends upon the provider)|
|Extended Validation is not possible.||Extended Validation is available.|
|An asterisk (*) is required before a domain name. The certificate automatically covers first level subdomains.||You need to add main domain and required SANs|
|The certificate secures first level of subdomains.||The certificate secures different level of domains and subdomains.|
|Wildcard certificate does not allow to add SAN domains.||Multi domain allows to add different SAN domains.|
|Wildcard certificate price starts at $45.00/yr.||Multi domain certificate price starts at $21.60/yr.|
Are SAN/UCC SSL and Wildcard SSL certificates the same certificate?
The answer is “NO“, both are different. If you wish to secure multiple domains as well subdomains, then you should think of SAN certificate or Wildcard SSL certificate. Many of us think that both SAN and Wildcard certificate is the same certificate but it is a myth. Each certificate is designed to serve different purposes. So let us understand them individually.
What is a Wildcard SSL Certificate?
If you are concerned about your subdomain protection then Wildcard SSL can be the cheapest and strongest option that can secure unlimited sub-domains with a single certificate. A single asterisk (*) can secure unlimited sub-domains for example, *.yoursite.com will cover mail.yoursite.com, ftp.yoursite.com or anything.yoursite.com
Benefits of Wildcard SSL
Value for money: Wildcard certificate offers easy certificate management as a single certificate is enough to secure current and potential sub-domains. As a result, the organization will have less management costs and a single point certificate management for certificate expiry, renewal, purchase, installation.
Easy to manage: Wildcard generally comes with a domain or business validation where domain validation refers to quick issuance and requires no lengthy legal process while business validation includes verification of business identity and it can be issued within two-three days.
Free Unlimited Reissuance: When you talk about subdomain security then wildcard is a great option because you can add subdomains during the lifespan of a certificate without buying any new certificate. Website owners do not need to specify subdomains while purchasing a wildcard certificate.
Unlimited Server License: If your sub-domains are hosted on multiple servers, then it is not necessary to spend the additional amount for additional server licenses. Wildcard certificates offer unlimited server licenses, so you can install the same certificate on everyone.
Browser Compatibility: It is compatible with most browsers used on computers and smartphones, Like Chrome, Firefox, Safari, Apache, etc.
Issuance of Wildcard: When you request a wildcard certificate, you need to add an asterisk (*) in the sub-domain field. For example, *.yourwebsite.com as a primary domain can protect yourwebsite.com, photos.yourwebsite.com, blog.yourwebsite.com. So, you do not need to verify each subdomain as your main domain has verified the Wildcard SSL certificate.
When to Use Wildcard SSL?
The SSL wildcard is suggested for one who has a domain and unlimited subdomains. It is best for medium-sized companies.
Why Wildcard SSL is not available with EV?
Extended Validation SSL comes with a high level of assurance and ensures that every web address is strictly verified as per the guideline prescribed by the CA/B Forum. In this case, wildcard only verifies *.domain.com and the rest subdomains get automatically protection under this primary domain. Thus, a wildcard certificate comes with a domain and business validation but does not support Extended Validation (EV).
Available option for Cheap Wildcard certificate:
CheapSSLShop offers most affordable domain validated Comodo Positive SSL Wildcard at just $45.00/yr. This certificate can secure the main domain and all of its sub-domains with strong 256-bit encryption.
You can also get RapidSSL wildcard certificate to protect unlimited sub-domains with utmost protection that is available at $68.00/yr. from CheapSSLShop.
|Product Name||Type||Cheapest Price||Details|
|Comodo Positive SSL Wildcard||DV||$45.00/yr.||Buy Now|
|Comodo Essential SSL Wildcard||DV||$50.00/yr.||Buy Now|
|RapidSSL Wildcard Certificate||DV||$68.00/yr.||Buy Now|
|Thawte SSL Web Server Wildcard||OV||$239.20/yr.||Buy Now|
|GeoTrust True BusinessID Wildcard||OV||$303.20/yr.||Buy Now|
|GlobalSign Domain SSL Wildcard||DV||$519.20/yr.||Buy Now|
What is a SAN SSL Certificate?
When it is a question of saving money along with multi-domain security, SAN/UCC certificate is a perfect option. You do not need to think about individual certificates for additional domain protection. For example, you can secure www.mydomain.com, mydomain.com, sub2.sub1.mydomain.com. In that case, there are chances of securing the second level subdomain in the SAN (Subject Alternate Name) certificate.
Benefits of SAN SSL Certificate
Value for money: SAN certificate can secure multiple domains and you can add domains or subdomains during the certificate life cycle. Thus, a SAN certificate saves costs by providing single web protection.
Domain Secured: Many SSL providers offer protection up to 100 domain names with SAN certificates, which seems a good option for application service providers who host app for different client bases. Every single client can use his own name using a SAN certificate.
Strong Encryption: This certificate comes with SHA256-bit encryption and 2048-bit Key Length that binds online transactions strongly and protects traveling data from prying eyes.
Browser compatibility: It supports all browsers such as Chrome, Internet Explorer, Netscape, Opera, Firefox, and most other popular browsers.
Validation: SAN certificate comes with Domain Validation and Organization Validation so an organization has a variety of choices in case of providing authenticity to the website. Unlike the Wildcard SSL certificate, the SAN certificate comes with EV SSL certificate option, where the legal identity of each individual SAN will be locomoted through strict validation. Some brands offer SAN/UCC SSL certificates with an extended validation procedure and verify domain validation, as well as documents for commercial authentication that inspire more confidence in your business.
Issuance of SAN/UCC certificate: SAN is best for Microsoft exchange server and protects FQDN (Fully Qualified Domain Name) while multiple domain names can be added in the “Alternative Name Field”. For example, you can add mail.yourdomain.com, www.yourdomains.com, and www.1domain.com in the SAN field.
Where to Use SAN SSL?
Best for those who want to secure multiple domains or sub-domains without spending extra cost on individual SSL.
Available Options for SAN certificate:
Comodo Multi-Domain SSL allows you to protect up to 100 multiple domains as well offers robust encryption and easy certificate management. You can get the certificate at $21.60/yr. cheap price from CheapSSLShop.
GeoTrust Multi Domain SSL can secure up to 100 domain names during the life-cycle of a certificate and is ideal for the QA testing environment and small businesses. CheapSSLShop brings enormous discount on GeoTrust Multi-Domain certificate by announcing $127.20/yr. for their current and potential customers.
There are many other SAN/UCC SSL certificates that you can find here.
|Product Name||Type||Best Price||Details|
|Comodo Positive SSL Multi Domain||DV||$21.60/yr.||Buy Now|
|Comodo Exchange Server SSL (UCC)||DV||$60.00/yr.||Buy Now|
|Comodo Positive SSL Multi-Domain Wildcard||DV||$120.00/yr.||Buy Now|
|GeoTrust Multi Domain SSL||OV||$127.20/yr.||Buy Now|
|GeoTrust Multi Domain EV||EV||$279.20/yr.||Buy Now|
Another Option: Wildcard SSL + SAN
If you want to secure wildcard domains for multiple websites or multi-level sub-domains with a single certificate, then the Multi-Domain Wildcard certificate is the best one. You can go with the Comodo Multi-Domain Wildcard Certificate at just $120.00/yr. This certificate includes two domain licenses as default pack, you need to pay extra cost for additional SAN names. This certificate reduces administrative stress and saves money. You will not require to manage individual certificates, installation, and its expiry as you can manage everything with this certificate.
What SSL Certificate is Right for You?
If an organization has a single public domain and wants protection for subdomains, then a wildcard is an ideal option. When an organization needs security for multiple domains, then SAN/UCC certificate is a beneficial option.
Both certificates save management cost therefore; it depends upon the requirement of an organization whether the company wish to secure subdomains or multiple domains.