How to get two certificates for the same domain (and why you might want to)
In most cases, you’ll only need one SSL certificate for your domain. But in certain cases, you might need two certificates for a single domain. Here’s what you need to know, and how you can implement two certificates on the same domain.
First of all, a point of clarification: In this article, we’re talking about two certificates for the same hostname. For example, two certificates for www.mysite.com. If you’ve got multiple subdomains (such as blog.mysite.com and store.mysite.com), you can either use multiple SSL certificates or a wildcard SSL certificate.
Save 56% on Wildcard SSL Certificates!
Secure multiple subdomains under one domain… all with a single SSL certificate.
Issuing Two SSL Certificates for the Same Domain
There’s no mechanism that would stop you from issuing multiple certificates for the same domain. In fact, that’s what you do every time you renew your SSL certificate — you issue a new certificate while the old one is still active. So, at least for a while, you have two certificates for the same domain. It’s not unusual.
So, if you need two SSL certificates for same common name, just purchase and install them like you normally would.
Installing Two Certificates for the Same Domain
If you’ve just got a basic hosting setup (a single site hosted on a cPanel hosting account), you would only be able to install and activate one SSL certificate at a time.
However, there are setups where you could install multiple certificates at the same time:
- Using a CDN. When you’re using a CDN, you technically have two SSL connections for each visitor — one between the visitor and the CDN, and one between the CDN and your web server. If you wanted, you could use two different SSL certificates — one installed on your web server and one installed on the CDN. This can be a good practice because it segments access to your private keys. If a different team manages your CDN, then they wouldn’t have access to your web server private keys.
- Using multiple servers. If your website is set up on multiple servers (behind a load balancer, application request router, etc.), that’s another time when you may want to use two certificates for the same domain. Again, this can help segment access and improve your security controls.
- Test servers. In some cases, you may have a separate (offline or IP restricted) server that you access via your main domain + hosts file modifications. This is a great way to test new features while using your actual domain name. In this case, it’s a good idea to use a separate SSL certificate for your test server.
In any of the cases listed above, you’d be installing the two certificates on separate servers, so you wouldn’t need to follow any special steps.
RapidSSL Certificates from $12.42/Year!
Save Up to 82% on RapidSSL certificates from RapidSSLonline!