At first glance SSL certificates can be a confusing mess of options as you have shared, extended, wildcard, and multi-domain. Each one has it’s own purpose with a plethora of strengths and weaknesses, but it’s the multi-domain SAN SSL certificate that really shines.

What’s a multi-domain SAN SSL certificate?

SAN stands for Subject Alternative Names, it helps protect multiple host names under a single SSL certificate and is commonly used for sites that have specific domains that don’t change frequently. A SAN offers the ability to add several domains and sub-domains to the SSL certificate on the fly and then reissued.

What are the benefits?

SAN certificates are an easy way to protect unified communications and multiple host names whilst saving money and time with additional added perks like:

• Secure multiple domains
• Enable up to 256-bit SSL encryption
• One IP on multiple hosted SSL sites
• Easy to manage and reissue certificates
• Cost and time effective

Not to be confused with a wildcard SSL, the SAN SSL has it’s own purpose for anyone looking to secure their site.

Difference between SAN and wildcard certificates?

A wildcard certificate secures the root domain and sub-domains, for instance applying one to:

mysite.com

Will also apply to:

www.mysite.com
checkout.mysite.com
blog.mysite.com

Alternatively a SAN certificate secures several different domains, so for instance:

mysite.com
yoursite.com
hissite.com
hersite.com

Wildcard SSL certificates are best suited for one dedicated IP that plans to build out and secure all their sub-domains, whereas a SAN SSL certificate is great for managing multiple different sites with room for expansion, plus it’s easy to manage and saves money on dedicated and wildcard SSL certificates.

Applying a SAN SSL Certificate

Applying a SAN certificate is just like any other certificate, you need to add the certificate code:

-----BEGIN CERTIFICATE-----
SSL certificate code
-----END CERTIFICATE-----

Then the private key:

-----BEGIN RSA PRIVATE KEY-----
Private key code
-----END RSA PRIVATE KEY-----

Contact your issuing provider if you want to add domains to the certificate, they will give you an updated version including the new and old domains/sub-domains.

SAN SSL on a CDN

For those looking to apply a SAN certificate on a CDN it’s super easy, especially with how we’ve made it at CDNify with our SSL integration, plus there’s no extra cost for applying a certificate as you can do it as many time as you want.