Simplify certificate management and secure multiple domains with Multi-Domain SSL Certificates
For Small and Medium sized businesses (SMB), and even some larger ones – web security can be an expensive and tricky proposition. Especially if you’re managing multiple websites. While larger corporations can invest the capital and manpower to manage multiple SSL certificates across multiple domains and Sub-Domains, other businesses are looking for a more simplified approach. That’s where Multi-Domain SSL and UCC (Unified Communication Certificate) comes into play.
What is Multi-Domain SSL?
As the name suggests, Multi-Domain (SAN) SSL certificates are capable of securing multiple domains on a single cert. They do this with the use of SANs, or Subject Alternative Names. Essentially it functions like this, upon filling out your CSR (Certificate Signing Request), you will be asked to list your FQDN (fully qualified domain name), this is your base domain and it will appear in the certificate information as the site that the SSL certificate is registered to.
You then fill out your SAN fields—up to 100 of them. The SANs will be secured in the same way as your FQDN, nd will appear in the SAN fields under the certificate information. SANs can be Sub-Domains, domains with different TLDs (Top level domains) or any other variation. For example, a Multi-Domain SSL certificate can secure:
- yourdomain.com (FQDN)
- yourdomain.com (SAN)
- yourdomain.net (SAN)
- yourotherdomain.com (SAN)
- yourotherdomain.com (SAN)
And up to 96 more. The domains don’t even need to be on the same server as long as the Multi-Domain SSL certificate you purchase comes with unlimited server licenses. There are a couple of things to note with Multi-Domain SSL though.
Multi Domain SSL Certificate (SAN) Features
For one, you have to pay for each SAN. Most certificates come with a few (between three and five) pre-packaged, so if you’re just securing a few domains you should be covered by the base price of the certificate. But if you’re securing more than that, you pay per the SAN. It’s cheaper than it would be to purchase individual SSL certificates for all of the domains you’re trying to secure, but it can still get a bit price.
The other thing that’s worth noting is that all of the SANs will appear in the certificate information. That may not sound like a bad thing, but say for instance your company has multiple divisions or brands and you’re trying to keep their association with one another private – the connection is going to be obvious as soon as someone investigates the SSL certificate for any of the sites protected by your Multi-Domain cert. If you do have DBAs, divisions or brands you’re trying to keep separate, in that instance it would be better to buy multiple certificates to secure each.
What is a Unified Communications SSL Certificate?
A UCC or Unified Communications SSL is a type of Multi-Domain SSL certificate that is optimized for Microsoft servers—mainly Microsoft Exchange 2007, Microsoft Exchange 2010 and Microsoft Live Communications.
Other Multi-Domain certificates (non-UCC) will still work on those servers (and actually UCC certs can work on non-Microsoft servers too), but UCC SSL was essentially branded for Microsoft. They come set up to work with Microsoft servers’ default configurations and are guaranteed to work with those servers even if they’re configured differently.
The reason UCC SSL exists harkens back to a time before the CA/B forum (Certificate Authority and Browser forum) – which essentially acts as the governing body for the CAs – had regulated SSL certificates to the point where they all worked pretty much uniformly across all servers. As we mentioned, today you can use just about any Multi-Domain SSL certificate on any server, Microsoft or not, but there was a time when UCC really was the go-to for anyone running on a Microsoft platform.
The Benefits of Multi-Domain SSL for Business
There are a number of reasons Multi-Domain SSL is an optimal business security system, especially for SMBs. For starters, it reduces costs. Rather than pay for one certificate for each domain or Sub-Domain that needs to be encrypted, you’re paying for one certificate that can encrypt them all. As we me discussed earlier, you may still have to pay for several extra SANs depending on your needs, but that’s still going to be cheaper than paying for additional certs.
Beyond cost, Multi-Domain SSL makes management of your SSL certificates considerably easier. Rather than worrying about a whole host of certificates – that means purchasing them, getting them validated, installing them and then configuring your servers – you just have to do it one time.
It also pays dividends when it comes time to renew. Imagine the administrative nightmare that would come with keeping up with the expiration dates of 10 different certificates, then following up on purchasing new ones and re-installing them. With Multi-Domain SSL you’re eliminating that entire headache and replacing it with one certificate, one installation and one renewal date. For Small and Medium sized businesses especially, simplifying this process can be a huge help.
The Benefits of Multi-Domain SSL for Enterprise
Of course, Small and Medium sized businesses are not the only group that can benefit from Multi-Domain SSL. Larger companies may even find it more convenient. For instance, a multinational corporation may have business websites in multiple countries which means multiple TLDs. Maybe the company has a presence in India, Australia and Germany:
- bigcompany.com (FQDN)
- bigcompany.in (SAN)
- bigcompany.au (SAN)
- bigcompany.de (SAN)
With a Multi-Domain certificate, that company can secure all of those sites with just a single cert rather than purchasing one certificate for every country they have a site hosted in. Again, this saves on costs and administrative headaches. It streamlines everything, and that’s a word enterprise companies love—streamlining.
Multi-Domain SSL is one of the most versatile and useful tools available. It offers top-level encryption to multiple sites while also easing administrative burdens and saving on cost. Regardless of whether you’re an SMB or a huge corporation, that’s something everyone can agree is advantageous. So regardless of your company’s size, if you’re managing multiple sites, the best way to secure them all without breaking your bank (or your back) is Multi-Domain SSL.