SAN certificates for SSL, also known as multi-domain certificates, allow businesses to secure multiple domains and subdomains with one certificate under a master domain. SAN certificates are a cost-effective solution for businesses that operate multiple websites and solutions on different domains.
SAN should not be confused with Wildcard solutions, where a single certificate can secure an unlimited number of subdomains under a main domain. SAN certificates can cover several top-level domains and also specific subdomains under these domains.
However, it is possible to combine SAN and Wildcard solutions: A wildcard domain can be added as a subdomain in a SAN solution under a main domain.
For businesses that track many domains, multi-domain certificates can make it easier to track SSL certificates while reducing costs. SAN solutions are flexible and allow you to change, remove or add domains on the fly.
SAN certificates are suitable for, among other things:
- Companies with multiple websites that belong together
- Organizations with one main page and local landing pages
- Companies with their own websites in different countries
- Online stores with multiple domains
Commfides offers SAN solutions for all three security levels of SSL certificates:
DV (Domain Validation): Basic protection, ideal for smaller websites.
OV (Organization Validation): More secure solution that also verifies your organization’s identity.
EV (Extended Validation): Highest level of security for SSL certificates
In order to issue an EV certificate, the issuer must, among other things, verify the organization’s identity and legal status. The physical existence of the company must be confirmed and a person authorized to sign for the company must confirm the order.
The process for validating an organization for an EV certificate is an international standard. It is set by the CA/Browser Forum, a body representing certificate authorities and browser manufacturers. Those who issue the certificates must also meet strict requirements.
The strict approval process is designed for the types of websites that require the greatest security and trust in the organization behind them. These organizations typically handle either payment information or sensitive personal information.
Some examples:
- Company pages with login or payment
- Online stores and marketplaces
- Bankers
- Insurance companies
- Health portals
- Public websites and services
- Universities and colleges
EV certificates have a higher price level than other SSL certificates due to the thorough validation process. The process typically takes 1-2 weeks and the certificates need to be renewed regularly. However, for many organizations, the benefits that come with increased trust and security can outweigh the increased cost and waiting time.
