Why use wildcard SSL certificate on multiple servers?
There are advantages to hosting subdomains on different servers. You can point web visitors to specific subdomains without forcing them to go through the home page. Also, having different subdomains hosted and managed by different departments can increase operational efficiency. For example, you can effectively host and manage your main domain (yourdomain.com) from one server, your blog (blog.yourdomain.com) via a WordPress host, your support page (support.yourdomain.com) through your third-party helpdesk vendor, and your bill page (billing.yourdomain.com) through your accounting company on another server. But, how do you keep all the pages secure?
A wildcard SSL/TLS certificate secures all the subdomains under a single SSL certificate. When subdomains exist on one server, it means that you only need to install that certificate on the one server. But when you have different subdomains hosted on different servers, you need to install the same wildcard certificate on each of the servers individually.
How Much Does It Cost to Install Wildcard SSL Certificate on Multiple Servers?
Some certificate authorities (CAs), like Symantec, charge extra to install the same wildcard SSL on multiple servers while CAs like Sectigo (previously Comodo CA), RapidSSL, GeoTrust, Thawte, etc. offer unlimited server licenses. In other words, you don’t need to pay anything extra to install the same wildcard certificate on multiple servers.
At CheapSSLsecurity, we sell all types of SSL certificates at unbelievable discounts. Whether you are a brand-conscious person who wants to specifically buy a Symantec wildcard SSL certificate, or you are a cost-savings pro who will shop around for a comparable certificate at the best price, at the end, you are going to get unbeatable deals at CheapSSLsecurity!
Check Out Our Top Wildcard SSL Certificates.
|SSL Certificate Brands||Retail Price||Our Price||Server License|
|Comodo PositiveSSL Wildcard||$249/year||$52.95/Year (Save 78%)||Unlimited||Buy Now|
|RapidSSL Wildcard||$249/year||$72.31/year (Save 71%)||Unlimited||Buy Now|
|GeoTrust QuickSSL Premium Wildcard||$745/year||$145.44/year (Save 80%||Unlimited||Buy Now|
|Thawte SSL123 Wildcard SSL||$745/year||$145.44/year (Save 80%)||Unlimited||Buy Now|
|DigiCert Wildcard SSL||$527.08/year||$160.92/year (Save 23%)||Unlimited||Buy Now|
|Digicert Secure Site Wildcard SSL||$1,475.00/year||$524.00/year (Save 26%)||Unlimited||Buy Now|
|Symantec Secure Site Wildcard SSL||$1999/year||$1,421.06/year||One Server||Buy Now|
How to Install Wildcard SSL Certificate on Multiple Servers — An Overview
The first step after purchasing an SSL certificate is generating a Certificate Signing Request (CSR). Different servers and software have different CSR generation and SSL installation processes. You need to generate a CSR on just one server and not on all of the additional servers. This is a one-time process.
Once the CSR is generated and the CA issues an SSL certificate after the validation process, you first need to install the certificate on the primary server (where you have generated the CSR). Then, follow the same installation process in all other additional servers (i.e., install the files provided by CA in the required location). There is just one additional step: Copy the private key from the primary server and paste it to all other servers where your subdomains are hosted.
In this article, we cover the CSR generation process and private key transfer process for cPanel.
CSR Generation on cPanel.
Step One: Log into cPanel.
Step Two: Click on SSL/TLS Manager in the Security section.
Step Three: Go to Generate, view, or delete SSL certificate signing requests under the Certificate Signing Requests (CSR).
Step Four: Fill in the following fields with only alphanumeric characters:
- Domains: Enter the fully qualified domain name. The primary domain name for which you have applied the SSL certificate. Add an asterisk in front of the domain (*.yourdomain.com). Caution: Don’t write * before the www version of the domain like *.www.yourdomain.com. unless you want to secure second level of subdomains such as blog.www.yourdomain.com, mail.www.yourdomain.com etc., which is quite an unusual process.
- City: Provide the full name of your city. Do not use abbreviations.
- State: Provide the full name of your State. Do not use abbreviations.
- Country: Select country from the drop-down menu.
- Company: Officially registered name for your business. It is mandatory for Organization and Extended Validation certificates. For Domain Validation SSLs, you can use “NA” if your organization is not legally registered.
- Company Division: Department name inside the organization. Write “NA” if a certificate a Domain Validation certificate or there are no departments in the company.
- Email: Enter your e-mail address. This field is optional.
- Passphrase: Keep this field black.
- Description: Add some keywords in order to locate a particular CSR in the list if you have more than one CSR. This too is optional.
Step Five: Click Generate.
At this point, your private and public keys will be successfully generated. The private key will be stored locally on the server and is needed for decrypting the data your users send you on your website. Your CSR will be sent to a certificate authority and is required for certificate issuance.
After you send the required details along with the CSR to your CA and follow the validation process, the CA will issue the certificate and email you the files that you need to complete the certificate installation. The certificate must be installed to the original server.
The process of installing a wildcard certificate on additional servers is the same with just one extra step. You need to copy the private key from the original server and paste it to each additional server. You must keep your private key secure. If you are copying it to your local device, encrypt it and keep the file password protected. If your private key is compromised, the SSL certificate will become useless.
How to Locate and Transfer Your Private Key to Multiple Servers Using cPanel
Step One: In cPanel, go to SSL/TLS >.
Step Two: Select Generate, view, upload, or delete your private keys.
Step Three: Click Edit.
Step Four: Copy the entire private key from the box labeled
Encoded Private Key. Do not forget to copy header ”—–BEGIN RSA PRIVATE KEY—–” and footer ”—–END RSA PRIVATE KEY—–” as well.
Step Five: Paste your private key into the private key box on each additional server that you want to install the wildcard SSL certificate on.
Step Six: Add your certificate bundle and intermediate certificate on each additional server. The installation process is now complete!