The three types of multi-domain SSL certificate
The three options for securing multiple domains with an SSL are:
The Multi-Domain/SAN certificate
The Wildcard certificate
The UCC certificate
The kind of SSL certificate you opt for will be dependent on factors such as your office environment and
whether or not you’re planning on adding more subdomains in the future. We’ll cover the ins and outs of each
type in just a moment. For now, let’s talk about encryption and how it works for each certificate.
How encryption works for multi-domain certificates
All SSL certificates offer the same level of encryption, so when you choose an SSL certificate you need not
worry about how secure it will make your site. If you got it from a trusted certificate authority, your
users’ information is safe.
When a browser (also known as a client, in this context) visits a website (server) with an SSL certificate,
they carry out what is referred to as the SSL handshake. This handshake ensures the encryption (encoding)
and decryption (decoding) of the information as the user sends it. It scrambles data so that it can’t be
read until it reaches the source. During this process, the browser will check that a website’s SSL
certificate is valid, then a secure connection will be enabled using what is known as the client’s public
key and the server’s private key, creating a session key, which is what keeps the connection secure. This
handshake safeguards user information when they are on your website. For more information on how SSL works,
Now that you know how SSL encryption works, let’s delve into what differentiates the multi-domain SSL
certificates on offer.
The multi-domain certificate is also commonly referred to as a SAN certificate. SAN is short for Subject
Alternative Name. In a multi-domain certificate, it is a field that allows you to attach additional host n
ames to one SSL certificate. These host names can be anything from IP addresses to URLS but are most
commonly DNS (domain name system) names.
When a user tries to access a website protected by a multi-domain/SAN certificate, the browser will check the
certificate to see if the URL matches one of the SAN names contained within. If it does, a secure connection
to the server will be established.
As an example, if you’re looking to secure multiple domains for “mywebsite,com”, your multi-domain
certificate might show the following in the extensions section:
Up to 100 different domains and subdomains can be protected with this kind of certificate. This makes it
perfect for businesses that run multiple websites, as well as those that have multiple versions of a website
for different geographic locations. Like we mentioned before, having multiple domains under a unified
certificate makes it easier when it comes to things like renewals and keeping website security up-to-date.
Learn more about Namecheap’s Multi-Domain
certificates and which is right for you.
Wildcard SSL certificates
Wildcard SSL certificates differ from the previously mentioned multiple-domain and UCC certificates in that
it doesn’t secure multiple domains, but multiple subdomains for a single domain.
If you purchase a wildcard SSL certificate for “mywebsite.com”, for instance, subdomains like
“blog.mywebsite.com” and “mail.mywebsite.com” will also be automatically protected by SSL. However,
“mywebsite.co.uk” and its subdomains wouldn’t be automatically protected – you would have to purchase a
unique certificate for this.
Wildcard SSL certificates account for adding subdomains in the future, so these subdomains don’t have to be
set up already at the time of purchase and can be added later. To secure multiple domains and unlimited
subdomains, Wildcard SSL can be used in conjunction with multi-domain SAN and UCC certificates.
Learn more about Namecheap’s
Wildcard certificates and which is right for you.
Unified communications certificates
Very similar to multi-domain/SAN certificates, UCC SSL certificates are used for office environments that
utilize Microsoft Exchange and Office Communications specifically. Like multi-domain/SAN certificates, UCCs
can also secure up to 100 domains and subdomains on one certificate, and also uses SAN extensions to secure
If your business uses Microsoft Exchange and Office Communications to run multiple websites and domains, a
UCC certificate is the best choice for you.
Learn more about Namecheap’s UCC
certificates and which is most suitable for your websites.
UCC certificate vs Wildcard certificate
The main difference between UCC certificates and Wildcard certificates is that UCC certificates can secure
multiple domain names as well as subdomains, while a Wildcard certificate secures only one domain name and
multiple subdomains. In addition, UCC certificates are delegated specifically for office Microsoft Exchange
and Office Communications infrastructure. By contrast, Wildcard certificates don’t have to be used in a
specific computing environment and can be combined with both UCC certificates and multi-domain/SAN
Unlike UCC certificates which must define every domain at the time of purchase, subdomains can be added to a
Wildcard SSL certificate at any time. If you wish to add new domains to a UCC certificate, a new one must be
UCC certificates and Wildcard certificates can be used in conjunction with one another so that you have the
option to secure multiple domains and subdomains and add new subdomains at any time, however, it should be
noted that Wildcard SSL isn’t compatible with some older server-client configurations.
Multi-Domain/SAN certificate vs Wildcard certificate
The differences between Multi-domain/SAN certificates and Wildcard certificates are quite similar to what
differentiates UCC certificates from Wildcard certificates. Multi-domain/SAN can protect multiple domains
and subdomains, while Wildcard secures one domain and unlimited subdomains. However, neither
multi-domain/SAN certificates or Wildcard certificates need specific infrastructure to work in.
Like UCC certificates, when purchasing a multi-domain certificate you must also know the domains and
subdomains you want to secure from the outset. However, multi-domain certificates and Wildcard certificates
can also be combined, so that you can add new subdomains to your multi-domain SSL certificate at a later