If you’re here because you’re wondering about the difference between a SAN certificate vs wildcard certificate, then you’ve come to the right place. So, what’s the answer to this great cosmic question about SSL certificates?
… A lot.
No, seriously, when you’re talking about a SAN certificate — or what’s also known as a multi domain certificate — there are a couple of significant differences between it and a wildcard certificate that need to be discussed. Let’s go ahead and break them down.
Comparing a SAN Certificate vs Wildcard Certificate: What is a SAN Certificate?
Let’s start by explaining what SAN means. SAN stands for “subject alternative name,” which is a field on your SSL certificate. This means that when we’re talking about SANs, the term refers to digital certificates that allow you to cover multiple hostnames (domain names, IP addresses, etc.) with a single SSL certificate.
Wait, that sounds like a multi domain SSL certificate, right? Yes, if you’re thinking that, then you’d be right. Multi domain SSL certificates are sometimes called SAN certificates. Heck, sometimes they’re even called UCC certificates, which stands for unified communications certificates. But that refers to a type of multi domain SSL certificate that was originally designed for just Microsoft Exchange and Communication servers.
Enough about UCCs, though. What do multi domain/SAN certificates cover?
Why SAN Certificates are Beneficial
A multi domain certificate allows you to cover multiple fully qualified domain names (FQDNs) with one certificate. This means that your primary domain and SAN domains — up to a total of 250 domains, depending on the issuing certificate authority (CA) — can be secure using a single certificate. Also, you can add, alter, or remove additional domains with this certificate at any point of its lifecycle.
Here are a few examples of the domains you’d be able to secure:
- www.domain.com
- email.domain.co.uk
- www.domain2.org
- login.domain2.com
- dev.domain.com
A little-known fact about SAN certificates is that they can be used to secure a wildcard domain if you choose a wildcard enabled SAN certificate.
SAN certificates are also available at all three validation levels: domain validation (DV), organization validation (OV), and extended validation (EV). This means that whichever validation level you choose, there’s a multi domain certificate to match your needs.
Save Up to 82% on SAN Certificates from RapidSSLonline!
Protect multiple domains with a single Multi Domain/SAN SSL Certificate from brands like GeoTrust, Symantec, and Thawte.
Which brings us around to our next topic. What’s a wildcard certificate and what does it cover?
Comparing a SAN Certificate vs Wildcard Certificate: What is a Wildcard Certificate?
A wildcard SSL certificate is one that you can use to secure a primary domain and an unlimited number of subdomains on a single level. This means that regardless of whether you have 10 subdomains or 10,000 on a single level, you’d be able to secure them all with just one certificate.
If you’re not sure what we mean by subdomain levels, we’ll take a moment to explain.
Every URL address is broken down into different segments, with each additional subdomain level extending left away from the start of the domain. For example, let’s consider a first-level subdomain, which looks like mail.domain.com. It’s denoted on an SSL certificate with an asterisk (*.domain.com).
A second-level subdomain, on the other hand, looks like this: login.mail.domain.com. This means that it’s identified as *.mail.domain.com.
A third-level subdomain looks like something.login.mail.domain.com (third-level subdomains are identified as *.login.mail.domain.com).
… So on and so forth. You get the idea. But, again, to reiterate: You can only secure the subdomains on a single level, not multiple levels, with a wildcard SSL certificate. This means that to secure another layer of subdomains, you’d need to purchase a second wildcard cert.
Save Up to 71% on Wildcard SSL Certificates
Securing all of your single-level subdomains doesn’t have to cost you an arm and a leg. Get Wildcard SSL certificates starting for as little as $118.36 per year!
SAN Certificate vs Wildcard Certificate: Outlining the Differences
Now that we know how both types of SSL certificates work, we can discuss the difference between a SAN certificate and a wildcard certificate.
Let’s briefly recall the differences between the two:
- SAN certificates cover multiple FQDNs and SANs (up to a total of 250 domains for some brands).
- SAN certificates are available with any level of basic or business validation (DV, OV, or EV).
- Wildcard certificates are available with only DV and OV validation options.
- Wildcard certificates can secure an unlimited number of subdomains on a single level.