Comparing two certificate types that really aren’t even all that similar
As a lowly writer, I rarely question the queries handed down by the SEO gods. They’re fickle and operate on a level far beyond what our human minds can grasp. Kind of like Sovereign from Mass Effect, only with less “people skills.”
But every now and then, a request gets handed down that seems so dumb on its face that I just need to point out that I didn’t pick this topic. Nor do I think people actually ask this question: “What is the difference between a UCC SSL certificate and wildcard SSL certificate, and which is the best option?”
Let’s start with what these two certificates have in common. Then we’ll discuss the myriad differences that makes this such a silly topic.
Similarities: UCC SSL vs Wildcard SSL Certificates
The most obvious similarity is that they’re both SSL certificates.
Ok, let’s delve a little deeper into that for the sake of keyword proximity and padding out the length as an offering to the aforementioned SEO deities. Both of these certificates:
- Are X.509 digital certificates;
- Encrypt your website’s connections via HTTPS;
- Authenticate the server, and potentially the organization running the website;
- Require the generation of a certificate signing request (CSR);
- Have an option of RSA or Diffie-Hellman key exchange and either RSA or ECC digital signatures; and
- Associated with a public/private key pair.
Continuing with this theme of UCC vs wildcard, let’s talk about how they’re different.
Differences: UCC SSL Certificate vs Wildcard SSL certificates
If you’ve never had to shop for SSL before, it’s understandable you might not know what one or both of these are. So, it’s not really the comparison that’s silly. It’s the idea that one is the “best option” because that’s entirely subjective and beholden to a number of factors that will make the answer different for everyone.
This stems from the fact that they are entirely different use cases.
UCC certificates are specifically designed for use in Microsoft Exchange and Office Communications servers. They’re akin to multi-domain certificates, meaning they can secure addition domains and sub-domains, provided they are listed in the “Subject Alternative Name” (SAN) field of the CSR. If you use either of these servers, the UCC certificate is the one for you because it’s been specifically tailored for play well with those environments. So, while you could use another certificate, this is the optimal use case for the UCC.
Wildcard SSL certificates secure one domain and all its first-level sub-domains. Not multiple sites, not multiple sub-domain levels. And it doesn’t come with an EV option, either. There is a very specific use-case for wildcards, too.
But the two use cases are almost entirely different. One is ideal for a shared hosting situation or a website that uses lots of sub-domains. he other is specifically designed for a certain type of server and offers the flexibility to secure multiple sites hosted on that server.
This means that in response to the question about which is “better” — a UCC certificate vs wildcard SSL — the answer of is entirely up to you.