Protecting subdomains is essential for comprehensive website security. SSL.com offers two solutions: Wildcard SSL for simplicity and UCC/SAN Certificates for flexibility. Below is a streamlined overview – for technical workflows, refer to SSL.com’s Knowledgbase.
Wildcard SSL Certificates
- Automatic Coverage: Secures example.com and all subdomains (e.g., blog.example.com, shop.example.com) without reprocessing.
- Ideal For: Sites with dynamic subdomains under one parent domain.
- Limitations:
- No support for multi-level wildcards (e.g., ..example.com).
- Cannot protect unrelated domains (e.g., example.net).
UCC/SAN Certificates
Key Steps to Add Subdomains
- Reprocess Your Certificate:
- Navigate to Orders > change domain(s)/rekey in SSL.com’s portal.
- Modify SANs:
- Add new subdomains (e.g., api.example.com) to the domain list.
- Reuse your CSR if keeping existing details (e.g., organization name).
- Validation:
- Subdomains under validated roots (e.g., dev.example.com) inherit approval.
- New parent domains (e.g., example.net) require fresh validation.
For detailed screenshots and CSR troubleshooting visit SSL.com’s Multi Domain Reprocessing Guide
Certificate Comparison
| Feature | Wildcard SSL | UCC/SAN Certificate |
|---|---|---|
| Subdomains | Auto-covered | Manual SAN listing |
| Multi-Domain | Single domain | Up to 500 domains |
| Cost | Fixed price | Base + per-SAN fees |
When to Choose Which
- Wildcard: Best for blogs, SaaS platforms, or staging environments with frequent subdomain creation.
- UCC/SAN: Ideal for securing multiple domains and their subdomains under a single certificate.
Pro Tip: Use SSL.com’s Health Check Monitoring (HCM) service to receive alerts about certificate expirations and installation issues.
Need Assistance?
- Quick Help: Live chat via SSL.com’s portal (bottom-right corner).
- Deep Dives: Email Support@SSL.com for multi-domain architecture reviews.
- Windows Users: Consider SSL.com Manager for certificate management and CSR generation on Windows servers.