Subject Alternative Names (SANs) Make DigiCert SSL Certificates More Flexible, Affordable and Mobile-Compatible for Enterprise Applications

(February 10, 2009) — The launch of Microsoft Exchange Server 2007 has given rise to the widespread use of Subject Alternative Names (SANs) in a single SSL certificate to protect multiple host names. DigiCert, Inc., the most trusted provider of enterpriseclass high-assurance SSL certificates, has pioneered the use of SANs to add even more costeffective, convenient and secure features to its SSL certificates, particularly its Unified Communications (UC) and WildCard digital certificates.

“Before the use of SANs in certificates became available, companies either had to buy separate SSL certificates for each site or server needing security, or use a wildcard certificate to secure unlimited first-level subdomains,” said Travis Tidball, director of customer relations at DigiCert. “New server platforms such as Exchange 2007 require a user to connect securely to both internal and external names using a single SSL certificate. This isn’t possible without SANs in a certificate.”

The addition of multiple SAN fields to SSL certificates makes certificate management simpler, easier and less expensive than procuring multiple certificates. With SANs, one UC certificate can be used to secure multiple names, including fully-qualified domain names, hostnames, server names or IP addresses. Administrators can easily add or modify coverage on up to 150 different server names through the free certificate management tools found in every DigiCert account. DigiCert SSL certificates with SANs provide a higher level of compatibility than any other type of digital certificate on the market. The company’s WildCard certificate with SANs provides true wildcard coverage for multiple subdomains, where others only work with first-level subdomains. This feature renders DigiCert’s WildCard certificate seamlessly compatible with Windows Mobile 5, which is not configured to accept the wildcard asterisk (*) symbol. A DigiCert WildCard certificate allows administrators to include SANs to specify unique subdomains, enabling the certificate to work when it otherwise would not.

“A SAN-enabled Wildcard certificate means that there’s no mix and match of certificates and servers, and no need for the added cost of multiple certificates,” Tidball says. “One flat price covers everything on the domain, and the whole system is much easier to manage.” For added admin security, DigiCert is the only certificate provider in the industry to provide the option of obtaining duplicate certificates for an unlimited number of unique private keys, eliminating the risk associated with private key sharing.

“With a single, shared private key, if it gets compromised in one instance, it puts the whole system at risk,” Tidball said. “Our Unified Communications and Wildcard product offerings include duplicate certificates to match multiple unique private keys, affording greater flexibility and security across the network.”

DigiCert offers a 30-day trial period for all SSL certificate products and provides a full 100% money-back guarantee. All products are backed by DigiCert’s industry-leading personalized support service, including step-by-step certificate setup and installation and ongoing support. DigiCert is a WebTrust Certified Certificate Authority, a member of the CA/Browser Forum, the W3C Consortium, and the Authentication and Online Trust Alliance.

For more information, visit

About DigiCert, Inc.

DigiCert, Inc. is a leading provider of enterprise-grade, high-assurance, 256-bit SSL Certificates trusted by many national and state governments, educational and medical institutions, and Fortune 500 companies around the world. DigiCert’s commitment to innovation and value provides clients with peace of mind backed by a 100% money-back guarantee and live 24-hour phone, chat and email support, along with intuitive GUI certificate management. Located in Lindon, Utah, DigiCert is a WebTrust Certified Certificate Authority, a member of the CA/Browser Forum, the W3C Consortium, and the Authentication and Online Trust Alliance.