Thursday, October 13, 2011

Wildcard SSL certificate

What is a wildcard SSL certificate?
SSL certificates that contain the wildcard character "*" in the server's CN are called wildcard certificates. A "*" wildcard character MAY be used as the left-most name component in the certificate. For example, * would match,, etc. but would not match

When to use a wildcard SSL certificate?

1. A wildcard SSL certificate is good for one top domain that needs multiple subdomains, something like
Instead of purchasing 4 SSL certificates, you can purchase one * wildcard SSL certificate.

2. A wildcard certificate is good for many servers using different subdomains.

3. Wildcard certificates don't support EV (Extended Validation), so if you need EV, you have to use a regular certificate.

What is the price?

Wildcard providers have 2 charging models: one is per server, the other is unlimited servers. (See below for pricing and providers as of Oct 1, 2011. The list is subject to change without notice, so always check the provider's official website or sales rep for the latest quote and product information.)

$475 per year (3 years term, unlimited server)

The wildcard certificate is $639, and every additional server you need it on would be $447. (The 3 years term has a 15% discount.)
[This info was from a sales rep when I contacted them]

VeriSign - unknown (It is expensive, might be around $800)

GeoTrust Wildcard $446.00

GoDaddy is the cheapest: $179.99

One VIP, multiple certs?
There seems to be no good answer to this question. Different load balancers might behave differently, but F5 seems to support this, according to the article below.
DigiCert also seems to support multiple domain names in one wildcard certificate via SubjectAltName.
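
The left-most "*" rule from the first section and the SubjectAltName point above, as an added example that is not from the original post. It goes a little beyond the text by applying the RFC 6125 rule that "*" stands for exactly one label, so a wildcard name covers neither the bare domain nor deeper subdomains. The function names and the example.com / example.org names are constructed for illustration.

```python
import ipaddress


def _labels(name):
    # DNS names compare case-insensitively; ignore one trailing root dot.
    return name.lower().removesuffix(".").split(".")


def _is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def matches_name(pattern, hostname):
    """True if one certificate name (CN or SAN dNSName) covers hostname."""
    if _is_ip(hostname):
        return False  # DNS names, wildcard or not, never cover an IP literal
    p, h = _labels(pattern), _labels(hostname)
    if "" in p or "" in h or len(p) != len(h):
        return False  # malformed name, or "*" asked to span 0 or 2+ labels
    if "*" not in pattern:
        return p == h
    # "*" must be the whole left-most label, followed by at least two
    # literal labels: rejects "w*.example.com", "a.*.example.com", "*.com".
    if p[0] != "*" or len(p) < 3 or any("*" in label for label in p[1:]):
        return False
    return p[1:] == h[1:]


def cert_covers(names, hostname):
    """Return the certificate names that cover hostname (empty list = mismatch)."""
    return [n for n in names if matches_name(n, hostname)]


# Constructed sample: names as they might appear in one certificate's SAN list.
SAMPLE_NAMES = ["*.example.com", "example.com", "*.example.org"]

if __name__ == "__main__":
    for host in ["www.example.com", "example.com", "a.b.example.com",
                 "mail.example.org", "example.org", "10.0.0.1"]:
        print(f"{host:18} -> {cert_covers(SAMPLE_NAMES, host) or 'NO MATCH'}")
```

In the sample, example.com is covered only because it is listed as its own name next to the wildcard, while example.org is not covered at all.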

1 comment:

  1. Great information, including the price matrix. Thanks for sharing it with us, but there are some platinum certificate authorities which have been offering lower-priced wildcard SSL certificates. The list of platinum authorities is below

    - Thanks WildCard SSL | Code Signing Certificate