Back

What SSL certificate do I need: SSL types

  • 697
Time to read article: 3 min

Single Domain SSL or Standard SSL

Single Domain SSL Certificate (also known as Domain SSL) will protect one domain name only. For example, if you buy an SSL Certificate with the hostname in the common name field as www.domain.com site, and it will not protect the mail.domain.com or any other subdomains. This rule applies to all types of SSL validation. When you list your hostname in the common name field as “domain.com” the certificate will protect your www.domain.com.

Only the domain name will be protected which is listed in the common domain name of the CSR. It cannot secure any other domains. Single Domain SSL or Standard SSL Certificates are specifically for small to medium-sized businesses managing a limited number of domains or subdomains security need.

The Certificate Authorities (CAs) issue certificates for the ROOT DOMAIN (domain.com) only. Single Domain SSL Certs are available in Domain Validated, Organization Validated, and Extended Validation SSL Certificates types, with different level of security and price variations.

If you want to secure one website with SSL Certificate then Single Domain SSL is the best option for your online business security needs. 

 

Wildcard Domain SSL certificate

The Wildcard SSL certificates are great helpers when you need to protect multiple sub-domains within the same domain name. 

However, the modern infrastructure includes multiple services that use own sub-domains. When you need to protect just a few sub-domains and you already know their names you need to select Multi-domain SSL (SAN) certificates. The description of Multi-Domain SSL you can find below. However, take Wildcard SSL certificates when you have many sub-domains and may not know all sub-domains at the moment.

Wildcard SSL certificate protects an unlimited number of sub-domains, but for the next level of domain only. If order placed for *.domain.com, that means SSL will protect the domain.com (base domain) and all its sub-domains (next-level), like any.domain.com, mail.domain.com etc, but NOT *.*.domain.com. Basically, double wildcard certs not exist, same as EV Wildcards.

It is also possible to use Wildcard SSL for mail and exchange servers, as most modern software may work with them like with UCC (Unified Communication SSL certificates).

There is also a new type of Wildcard certs called Multi-Domain Wildcard certificates. They able to protect up to 250 different wildcard domains, that means unlimited sub-domains under 250 domains. Most of our Wildcard certs come with unlimited server licensing too, so you can install different variations of sub-domains on your different servers and IP addresses.

 

Multi-Domain SSL (SAN) certificate

Multi-Domain SSL certificates, also known as Unified Communication Certificates (UCC) and Subject Alternative Name (SAN). All of them solve the requirement of protecting multiple domains and sub-domains. They are very popular for companies who run various local websites. CDN (Content Delivery Networks) use them to protect all their customers.

The modern SAN SSL supports up to 250 items, where each item can be used for domain or sub-domain. Some products like Multi-Domain Wildcard SSL certificates may support *.domain.tld (Wildcard domains) as SAN item.

SAN certs are compatible with MS and other exchange servers. It is very comfortable to use them, as you would have just one CSR and Private key, that makes management quite simple.