Secure Sockets Layer (more commonly referred to as SSL) is the known industry standard used by millions of websites for protecting online transactions with their customers.
SSL used for making an encrypted link between a web server and a browser. This encrypted link guarantees that all data transferred between both ends remain private and intact.
To establish a secure connection, a web server needs an SSL Certificate. To activate SSL on our server, we will need to choose the correct SSL type as per our requirement. This guide will explain the core differences between SSL types.
Single SSL
Single-name SSL certificates protect a single sub-domain (hostname). For example, if we purchase a certificate for www.abcdomain.com it will not secure my.abcdomain.com.
At the sole discretion of the certificate authority, if we purchase a single-name certificate for the www hostname (www.mydomain.com), the certificate may also include the root domain (mydomain.com).
Multiple SSL SAN
A SAN (Subject Alternative Name) certificate allows for multiple domain names to be protected with a single certificate. For example, we could get a certificate for mydomain.com, and then add more SAN values to have the same certificate protect mydomain.org, mydomain.net, and even mydomain.com.
In most cases, the SAN values can be changed at any time during the life of the certificate – we just need to change the value, and then do a re-issue.
Wildcard SSL
A Wildcard SSL certificate allows us to secure multiple sub-domains with just one certificate. In many cases, the wildcard certificate makes more sense than a SAN (Subject Alternative Name) because it allows for unlimited sub-domains and we don’t need to define them at the time of purchase.
We can add sub-domains without having to redeploy the certificate. For example, we could use a wildcard certificate for the domain name mydomain.com and that certificate would also work for my.mydomain.com, my1.mydomain.com, and any other sub-domain. The wildcard refers to the fact that the certificate is provisioned for *.mydomain.com so that the certificate would just work, no reissue required.
That’s it! We hope this article is helpful.