SSL Certificates vs Wildcard: What’s the Difference?

6 votes, average: 4.33 out of 56 votes, average: 4.33 out of 56 votes, average: 4.33 out of 56 votes, average: 4.33 out of 56 votes, average: 4.33 out of 5 (6 votes, average: 4.33 out of 5, rated)
Loading...

Explore the similarities and differences between wildcard and standard SSL certificates 

When you decide to buy an SSL certificate, you get inundated with multiple types of SSL certificate options. The differences in features, prices, and warranties makes the entire buying process perplexing. We hear you! In this article, we’ll help you resolve one of the most common dilemmas people face while selecting an SSL certificate: SSL certificate vs Wildcard SSL. We have also covered the FAQs too. In addition, we have included discounted prices, validation level, warranties and technical compatibility of both the SSL certificates.  

How a Wildcard SSL Certificate Differs from a Regular SSL Certificate  

Standard SSL Certificates 

A regular SSL certificate, which is also known as a single-domain SSL certificate or a standard SSL certificate, secures one primary domain — both the WWW and the non-WWW versions of it. Of course, all internal webpages are covered under this regular SSL. For example: mysite.com, www.mysite.com, mysite.com/blog, mysite.com/products/shirts 

However, a standard SSL certificate doesn’t cover any subdomains. Examples of first-level subdomains for mysite.com include support.mysite.com, billing.mysite.com, blog.mysite.com, etc. They’re considered separate domains for encryption purposes. A regular, single-domain SSL certificate won’t cover these subdomains.  

Historically, you had to buy separate single domain certificates to secure each of these subdomains individually. To aid this scenario, the certificate authorities (CAs) brought wildcard SSL certificates to the market.   

Wildcard SSL Certificates 

A wildcard SSL secures your primary domain and all subdomains that exist on a single level of your websiteA wildcard SSL secures one primary domain and all of its first-level subdomains under the same SSL certificate. 

This means that if you own mysite.com, a wildcard SSL certificate will secure all the first-level subdomains such as www.mysite.com, support.mysite.com, billing.mysite.com, blog.mysite.com, etc. As such, you don’t need to buy separate SSL for each subdomain because they can be covered under a single wildcard SSL certificate. 

Another major benefit of using a wildcard SSL certificate is that you have to go through the certificate signing request (CSR) generation, verification, and installation process only once instead of doing all these processes for each subdomain individually.  

SSL Certificates vs Wildcard SSL Certificates

 Regular SSL  Wildcard  
Encryption strength  256 bits 256 bits 
Key length  2048-bit RSA signature keys 2048-bit RSA signature keys 
Coverage Non-WWW and WWW versions of a domain Non-WWW and WWW versions of a domain + UNLIMITED first-level subdomains 
Available validation level DV, OV, EV DV, OV 
Offers warranty Yes Yes 
Offers site seals Yes Yes 
Can be hosted on multiple servers No Yes 
Price  Starts from $12.42/year Starts from $118.36/year 
 Shop Regular SSL Certificates  Shop Wildcard SSL Certificates  

Frequently Asked Questions (FAQs) 

Where Can I Get an EV Wildcard? 

Extended validation (EV) is not available for wildcard SSLs. To secure your subdomains with EV SSL, you either need to buy separate single domain EV SSL certificates for each of the subdomains or buy an EV multi domain SSL certificate. To learn more, check out our latest article: Can I get an EV wildcard SSL? 

Is There Any Hidden Cost for Adding More Subdomains Under a Wildcard? 

No. RapidSSL allows you to cover UNLIMITED first-level subdomains under its wildcard SSL certificates. You don’t need to pay anything extra for adding any number of subdomains so long as they’re on the same subdomain level. Plus, you can add subdomains anytime you want. No hidden costs.  

What is the Difference in the CSR Generation Process for a Single Domain SSL and Wildcard? 

During the CSR generation process for a single domain SSL certificate, enter the fully qualified domain name (FQDN), which is your primary domain (e.g., mysite.com), in the Domains field.  

To generate a CSR for a wildcard SSL certificate, add an asterisk in front of the FQDN (*.mysite.com). A word of caution: Don’t write * before the www version of the domain like *.www.mysite.com unless you want to secure the second level of subdomains such as blog.www.mysite.com, mail.www.mysite.com, etc., which is quite an unusual practice. 

Can I Secure the Second Level of a Subdomain with a Wildcard SSL? 

Yes! But to secure the second level of subdomains (*.page.mysite.com), you need to buy a separate wildcard SSL for your first level of the subdomains. For example, to secure us.support.mysite.com or canada.support.mysite.com, you need to get a wildcard for support.mysite.com.  

In other words, a wildcard for *.mysite.com can’t secure its second level subdomains. For that, you need to buy a new wildcard for the first level subdomain *.support.mysite.com 

How Much Warranty is Provided with a Wildcard SSL? 

Warranty amount ranges from $10,000 to $1,500,000 ($1.5MM), depending on the type of wildcard SSL certificate you choose. For cost and warranty comparisons, check out the table below: 

 Validation Warranty Price 
RapidSSL Wildcard Certificate  Domain Validation (DV) $10,000 $118.36/Year 
GeoTrust QuickSSL Premium Wildcard  Domain Validation (DV) $500,000 $216.05/Year 
Thawte SSL123 Wildcard Certificate   Domain Validation (DV)  $500,000  $230.95/Year 
Thawte Wildcard SSL Certificate  Organization Validation (OV)  $1,250,000  $323.46/Year 
GeoTrust True BusinessID Wildcard  Organization Validation (OV) $1,250,000 $359.40/year 
Symantec Secure Site Wildcard  Organization Validation (OV)  $1,500,000 $1,579.21/Year 
Symantec Secure Site Pro Wildcard  Organization Validation (OV)  $1,500,000 $3,930.25/ Year 

Does It Cost Extra to Install a Wildcard Certificate on Multiple Servers? 

No! All the wildcard SSL certificates (except Symantec) on RapidSSLOnline.com come with unlimited server licensing. You don’t need to pay anything extra to install the same wildcard certificate on multiple servers.  We don’t charge extra for the additional usage of the product that customers have already purchased.