How to use SSL for multiple domains
If you’re a small business or individual with a website, having an SSL certificate is of the utmost importance when it comes to gaining the trust of your users and customers. But what if you have multiple websites and/or domains?
It may seem more intimidating, but actually, it isn’t. Gone are the days when you would have to get a certificate for each individual domain. Now, you can secure multiple domains under one certificate, which makes keeping up-to-date with your internet security easy.
This is ideal for businesses who want to keep things as streamlined as possible. Many web hosts (Namecheap included) offer SSL certificates alongside hosting packages, so everything you need is one place, saving businesses the time and energy of keeping track of and chasing after multiple vendors and licensing sources.
While securing multiple domains isn’t difficult, there are three different kinds you can choose from. Read on to find out which option is best for you.
The three options for securing multiple domains with an SSL are:
The Multi-Domain/SAN certificate
The Wildcard certificate
The UCC certificate
The kind of SSL certificate you opt for will be dependent on factors such as your office environment and whether or not you’re planning on adding more subdomains in the future. We’ll cover the ins and outs of each type in just a moment. For now, let’s talk about encryption and how it works for each certificate.
All SSL certificates offer the same level of encryption, so when you choose an SSL certificate you need not worry about how secure it will make your site. If you got it from a trusted certificate authority, your users’ information is safe.
When a browser (also known as a client, in this context) visits a website (server) with an SSL certificate, they carry out what is referred to as the SSL handshake. This handshake ensures the encryption (encoding) and decryption (decoding) of the information as the user sends it. It scrambles data so that it can’t be read until it reaches the source. During this process, the browser will check that a website’s SSL certificate is valid, then a secure connection will be enabled using what is known as the client’s public key and the server’s private key, creating a session key, which is what keeps the connection secure. This handshake safeguards user information when they are on your website. For more information on how SSL works, click here.
Now that you know how SSL encryption works, let’s delve into what differentiates the multi-domain SSL certificates on offer.
The multi-domain certificate is also commonly referred to as a SAN certificate. SAN is short for Subject Alternative Name. In a multi-domain certificate, it is a field that allows you to attach additional host n ames to one SSL certificate. These host names can be anything from IP addresses to URLS but are most commonly DNS (domain name system) names.
When a user tries to access a website protected by a multi-domain/SAN certificate, the browser will check the certificate to see if the URL matches one of the SAN names contained within. If it does, a secure connection to the server will be established.
As an example, if you’re looking to secure multiple domains for “mywebsite,com”, your multi-domain certificate might show the following in the extensions section:
Up to 100 different domains and subdomains can be protected with this kind of certificate. This makes it perfect for businesses that run multiple websites, as well as those that have multiple versions of a website for different geographic locations. Like we mentioned before, having multiple domains under a unified certificate makes it easier when it comes to things like renewals and keeping website security up-to-date.
Learn more about Namecheap’s Multi-Domain certificates and which is right for you.
Wildcard SSL certificates differ from the previously mentioned multiple-domain and UCC certificates in that it doesn’t secure multiple domains, but multiple subdomains for a single domain.
If you purchase a wildcard SSL certificate for “mywebsite.com”, for instance, subdomains like “blog.mywebsite.com” and “mail.mywebsite.com” will also be automatically protected by SSL. However, “mywebsite.co.uk” and its subdomains wouldn’t be automatically protected – you would have to purchase a unique certificate for this.
Wildcard SSL certificates account for adding subdomains in the future, so these subdomains don’t have to be set up already at the time of purchase and can be added later. To secure multiple domains and unlimited subdomains, Wildcard SSL can be used in conjunction with multi-domain SAN and UCC certificates.
Learn more about Namecheap’s Wildcard certificates and which is right for you.
Very similar to multi-domain/SAN certificates, UCC SSL certificates are used for office environments that utilize Microsoft Exchange and Office Communications specifically. Like multi-domain/SAN certificates, UCCs can also secure up to 100 domains and subdomains on one certificate, and also uses SAN extensions to secure them.
If your business uses Microsoft Exchange and Office Communications to run multiple websites and domains, a UCC certificate is the best choice for you.
Learn more about Namecheap’s UCC certificates and which is most suitable for your websites.
The main difference between UCC certificates and Wildcard certificates is that UCC certificates can secure multiple domain names as well as subdomains, while a Wildcard certificate secures only one domain name and multiple subdomains. In addition, UCC certificates are delegated specifically for office Microsoft Exchange and Office Communications infrastructure. By contrast, Wildcard certificates don’t have to be used in a specific computing environment and can be combined with both UCC certificates and multi-domain/SAN certificates.
Unlike UCC certificates which must define every domain at the time of purchase, subdomains can be added to a Wildcard SSL certificate at any time. If you wish to add new domains to a UCC certificate, a new one must be purchased.
UCC certificates and Wildcard certificates can be used in conjunction with one another so that you have the option to secure multiple domains and subdomains and add new subdomains at any time, however, it should be noted that Wildcard SSL isn’t compatible with some older server-client configurations.
The differences between Multi-domain/SAN certificates and Wildcard certificates are quite similar to what differentiates UCC certificates from Wildcard certificates. Multi-domain/SAN can protect multiple domains and subdomains, while Wildcard secures one domain and unlimited subdomains. However, neither multi-domain/SAN certificates or Wildcard certificates need specific infrastructure to work in.
Like UCC certificates, when purchasing a multi-domain certificate you must also know the domains and subdomains you want to secure from the outset. However, multi-domain certificates and Wildcard certificates can also be combined, so that you can add new subdomains to your multi-domain SSL certificate at a later stage.
Whether you decide to go for a multi-domain/SAN SSL certificate, a UCC SSL certificate, or a Wildcard certificate will depend on the number of domains and subdomains your business is hosting and whether or not you plan to expand in the future. If your multiple domains have a set number of subdomains that you don’t plan on adding to in the future, a multi-domain/SAN certificate is probably the best choice. If you have a set number of domains and subdomains in a Microsoft Exchange and Office Communications environment, then UCC certificate is what you should opt for. If you only have a single domain and plan on adding more subdomains in the future, you should choose a Wildcard SSL certificate.
Choose your level of validation and protect your users from identity theft today.
Need help? We're always here for you.
Chat with a Live Person