Adding SAN Names to Wildcard SSL Certificates
The Basics on Wildcards
Wildcard certificates allow server administrators to save hundreds or even thousands of dollars on SSL certificates by installing the same certificate to multiple websites or servers at no additional cost. With our unlimited server license, there are no hidden costs or fees, you pay for what you expect, without having to pay again to install your certificate on a second server.
Even better, our Wildcards take advantage of the certificate Subject Alternate Name field, including two special features that admins might not be familiar with.
The first is that we automatically include as a SAN your domain name without any subdomain (e.g., domain.com). Second, we allow you to define your own SANs for your Wildcard cert at no extra cost (as long as the SAN is a subdomain of your existing domain).
Why Would That Matter?
In general, Wildcard certificates can only be used to secure first level sub-domains of the domain that they are issued to.
For example, a standard Wildcard SSL cert will be issued to *.domain.com. Once that certificate is properly installed on your server/servers, users will be able to connect securely to www.domain.com, mail.domain.com, autodiscover.domain.com, and really anything you can imagine that is somesubdomainof.domain.com.
However, because the name on your certificate must exactly match the name that a user is connecting to, a standard Wildcard will not allow your users to connect to your domain with NO subdomain, domain.com, or with multiple levels of subdomains, multiple.sublevels.domain.com. That obviously isn't the end of the world, but for a lot of server administrators, it can be quite the hassle.
Additionally, this allows some devices that are not normally compatible with wildcard certificates to work when they otherwise would not (e.g., mobile phones running older versions of Windows Mobile 5).
The Solution
Customers are able to add any additional subdomains that they need to their certificate during the order process (example.domain.com, sub1.example.domain.com, etc.). Additionally, DigiCert WildCard certificates issued to *.domain.com will automatically include domain.com as a free SAN.
Free duplicate certificates can even be generated for your Wildcard SSL certificates after purchase, as highlighted in the image below. An admin can simply enter the names that he wishes to secure into the forms provided to secure absolutely.any.subdomain.of.his.domain.com. This can be done at any point in time during the validity of the original certificate for no extra cost.
SAN Name Wildcard SSL Certification
Learn how to add Subject Alt Names to your Wildcard.
