How to Secure Sub-domains with SSL Certificates

With so many available SSL options, selecting the right product for your website security needs can be confusing. If the concept of SSL Certificates is new to you, you may end up choosing a product that does not protect all areas of your website or one that offers more security than is necessary for you.

This confusion is especially pronounced when choosing an SSL certificate to secure your sub-domains. If you have multiple sub-domains, do you secure each sub-domain with its SSL certificate or do you secure all of them with a single certificate? Both options are feasible, and each has its upsides and downsides. The choice is ultimately yours.

To make it easier for you, here is a dissection of the three Choices of SSL certificates you can use to secure your sub-domains.

Tips about

  1. Wildcard SSL Certificate

If you have 20 or more sub-domains, securing them with individual certificates can be expensive and difficult to manage. Using a wildcard certificate is the best option. What sets wildcard SSL Certificates apart from the rest is the flexibility they confer their users. With a single wildcard certificate, you can secure your main domain as well as an unlimited number of sub-domains. This spares you the expense and hassle of installing, renewing and managing multiple SSL certificates.

Wildcard Certificates and Subject Alternative Names (SANs)

To expand wildcard certificate functionality, you can use them in conjunction with Subject Alternative Names. Wildcard certificates only secure first-level domains of the primary domain to which they are issued. For example, a standard wildcard issued to *.domain.com can only secure www.domain.com, mail.domain.com. It cannot secure multiple levels of sub-domains for example multiple.sublevels.domain.com.

To secure domains on different levels, you need to specify the subject alternative names.

1. Single Domain Validated (DV) SSL Certificate

If you want to secure two or three sub-domains, you can easily secure each with an own Domain Validated SSL Certificate. DV certificates provide basic encryption, a static site seal, and basic trust indicators. Their prices are very budget-friendly, and issuance is very quick. It is hence more cost effective to purchase a DV certificate for two or three sub-domains than to buy a wildcard certificate.

2. Multi-Domain SSL Certificate

The third option is Multi-domain SSL certificate. With a single multi-domain certificate, you can secure up to 100 different domains and sub-domains hosted on a single IP address.



Leave a Reply