Wildcard SSL/TLS certificate

What is a wildcard SSL/TLS certificate?

Wildcard SSL certificate, also known as pan-domain SSL certificate, can protect a domain name and all sub-domains below the domain name, and the number of sub-domains is not limited.

There are 3 reasons why wildcard SSL certificates are so popular:

1. Time saving

The issuance time of wildcard SSL certificate is fast. The domain name type generally only takes 1-30 minutes to issue, and the same level sub-domain name can be added indefinitely without re-examination, which can save a lot of time and cost.

2. Save money

Many companies have many subdomains due to their business needs. If you apply for a certificate for each domain name, it will be very expensive, while applying for a wildcard SSL certificate will be much cheaper, and adding newThere is no additional charge for this level of subdomains.

3, save trouble

The wildcard certificate can protect multiple domain names with one certificate, which can bring great convenience to certificate management, without worrying about the loss caused by the expired certificate, which can save a lot of trouble.

The wildcard certificate does not limit the number of subdomains at that level to be protected. Usually, "*" is used to represent the wildcard, that is, at which level "*" is, all domain names at that level can be protected.Can be replaced with any alphanumeric underscore.

Many companies often open many subdomains for their websites due to business needs, such as http://baidu.com, with http://zhidao.baidu.com, http://www.baidu.com, http://map.baidu.com and many more*.http://baidu.com, at this time, forApplying for a certificate for each subdomain is obviously too cumbersome, the cost will increase a lot, and the management is relatively troublesome.If a wildcard certificate is used, all second-level subdomains can be obtained with one certificate.

If you only have one main domain name and many second-level subdomains that need https protection, then a standard wildcard SSL certificate will do the trick.

However, if you have many different main domain names, take Baidu as an example. Baidu has many domain names, and each domain name has many subdomains, even subdomains of different levels. As mentioned above, oneA standard wildcard certificate can only have one domain name and all subdomains at the next level of the domain name. What should I do in this situation?First of all, please look at the following picture of Baidu and the certificate:

1. This certificate of Baidu contains different main domain names, such as http://baidu.com, http://hao123.com etc.;

2. This certificate of Baidu contains wildcard characters that are not in the same level, such as second or third level, such as *.http://fanyi.baidu.com is http://baidu.com Wildcard of the third-level domain name;

3. In fact, this certificate of Baidu also contains a specific single domain name. Because of the screenshot, interested friends can directly open the Baidu website and click to view;

This shows that the SSL certificate can integrate different main domain names, different levels of subdomains, and single domain names.

Which wildcard SSL certificate is cheaper?

Wildcard SSL certificates are divided into two types of verification levels: domain verification type (DVSSL) and enterprise verification type (OVSSL). Wildcards have no enhanced verification type.

The domain name verification type (DVSSL) only needs to verify the management authority of the domain name applying for the certificate, and does not need to verify the real identity of the website enterprise. Generally, it can be issued in 1-30 minutes, and the price is more economical.

The domain name wildcard SSL certificate ensures that the transmission of website information from the user's browser to the server is encrypted and will not be stolen and tampered with.

This wildcard SSL certificate is suitable for small and medium-sized business websites, personal websites, etc. with many subdomains, and it is much cheaper than applying for a single SSL certificate.

In the domain name type wildcard SSL certificate[1]Among them, the cheapest one is Comodo PositiveSSL Wildcard Certificate; the second is Comodo EssentialSSL Wildcard Certificate.

Reference

1. ^Domain type wildcard SSL certificate KuaiSSL-Wildcard, DV Wildcard, DV Wildcard-Wotong Wildcard SSL Certificate!