We’ll discuss why this type of SSL certificate is seemingly impossible to find
EV wildcard SSL certificates are rare beasts, almost never observed in the wild. We get asked a lot where one can find such a rare certificate and we always tell them that journey will be long and arduous. First, you’ll need to find a mirror that can transport you to Narnia… Oh, that sounds fantastical? Well, EV wildcards are just as fantastical.
Read: they don’t exist.
EV wildcards are as real as a nine-dollar bill or good-tasting food that’s sugar free and fat free.
If you want to secure your domains and subdomains while also getting the EV green address bar, this means you’ll need to explore other options: using single domain or multi-domain EV certificates.
Extended Validation & Wildcards: Ne’er the Two Will Meet
Extended validation is the highest level of validation that is offered by any certificate authority (CA). It requires an organization to undergo a thorough business vetting before they’ll ever receive the blessing of a CA’s stamp of authentication. It grants websites special treatment, displaying the organization’s name in the address bar.
Wildcards, on the other hand, are SSL certificates that can secure a domain and all its first-level sub-domains. Wildcards are issued at the domain validation (DV) and organization validation (OV) levels only because they don’t require the same extensive level of attention as the EV validation process.
Don’t Waste Time on Non-Existent EV Wildcards — Secure Your Site with EV Multi Domain SSL!
We offer the best discount on all types of EV Multi Domain SSL Certificates, including PositiveSSL EV Multi Domain SSL Certificates.
Still not sure why CAs don’t issue EV wildcard SSL certificates? We’ll explain it another way.
Why EV Wildcard SSL Certificates Don’t Exist
The reason there’s no EV wildcard SSL certificate is owed to the fact the wildcard symbol, the asterisk, affords too much power without adequate vetting. As the famous uncle of a superhero named after an arachnid once said: “With great power comes great responsibility.” We hear you, Uncle Ben — and, apparently, so did the CA/B Forum, which is why they strictly prohibit the issuance of EV wildcard SSL certificates.
Given the nature of shared hosting environments, and the fact phishing sites are now being hosted on sites like Microsoft Azure and AWS, an EV wildcard could inadvertently apply the green EV address bar to a malicious website. This would, in turn, create attack vectors where an individual subdomain could be come compromised and lead to massive problems both for you and your customers.
Ergo, no EV wildcard SSL. Period. That’s why there’s literally nowhere you can find an EV wildcard certificate.
However, remember, you do have other options…
Use a Single-Domain or Multi Domain EV SSL Certificate
Hey, it’s not all doom and gloom — there’s still good news: You can still secure your domains and subdomains with extended validation. You’ll just have to do it using an EV multi domain SSL certificate or a bunch of individual single domain certificates.
The most efficient route, however, would be to use an EV multi domain SSL certificate such as a PositiveSSL EV multi domain SSL certificate, which will allow you to list each domain and subdomain as individual SANs. This will allow you to secure each domain and subdomain with the green address bar you so clearly desire.