Breaking

Wednesday, April 29, 2020

Wildcard vs. MultiDomain vs. Standard SSL Certificates ?


Just a quick run down of SSL types and when I recommend using them.
Wildcard
Domain: *.domain.com (domain.com)
Can be used for any *.domain.com and depending on the vendor domain.com. In Apache, this can be used in any server or Vhost configuration block. To prevent errors, the domain being served must match the *.domain.com pattern.
I recommend this SSL certificate if you have many (>5) domains using *.domain.com. For example, we have mail.domain.com, wiki.domain.com, my.domain.com and others. We can secure all of these with 1 SSL certificate.
MultiDomain
Domain: domain.com, anotherdomain.com, someotherdomain.com
Some vendors provide multidomain SSL certificates. These can be used for multiple, unique domain names, e.g. www.domain.com, www.anotherdomain.com.
These are required if you are serving multiple-domains from the same Vhost and do not want SSL errors. For example, with Wordpress Multi-site, you would need to use one of these certificates.
These are also good if you need SSL support to do redirects. For example if you want to redirect: https://www.anotherdomain.com/ -> https://www.domain.com/ within the same Vhost configuration.
Lastly, these can simplify management if having dozens of domains. It is easier to keep track of a single cert than 50.
Standard SSL Certificates
Domain: www.domain.com (domain.com)
Good for a single domain. Some vendors may include www.domain.com and domain.com.
Recommended when a single domain requiring SSL is served from a Vhost or server.

No comments:

Post a Comment