An in-depth look at the differences between two popular SSL certificate types: Wildcard SSL Vs. Regular SSL
HTTPS is now pretty much a standard requirement for any website that wants to be seen as trustworthy. However, different users and website owners have different requirements, so you might be wondering which type of SSL certificate would serve your needs best.
In this article we will compare two of the most popular SSL certificates — Wildcard Certificate and Regular SSL (Standard SSL) Certificate. Here “Regular SSL Certificate” may also be referred to as Domain Validated SSL Certificate, Single Domain SSL Certificate, or Standard Certificate.
Wildcard SSL Certificate vs. Regular SSL Certificate: Similarities
Wildcard and regular certificates are equally secure: both provide the same industry-standard 2048-bit RSA signature keys and 256-bit encryption. All reputable SSL certificates meet these requirements.
Wildcard SSL vs. Single Domain SSL: Differences
Regular SSL Certificate
Regular SSL or Domain Validated (DV) SSL certificates can only cover one domain and one sub-domain within that domain. These certificates are, however, available for all validation levels, including EV SSL certification. They are ideally suited for individuals who own a single website and are certain they will not be adding sub-domains.
For example, a standard SSL or DV SSL can only cover the website https://www.website.com.
Wildcard SSL Certificate
Wildcard SSL certificates can cover websites with multiple sub-domains. While purchasing the wildcard SSL, you need to place an asterisk before the domain level that you want to encrypt. This will allow all of its sub-domain variants to automatically be covered, no matter how many sub-domains you add later.
For example, for *.website.com, the wildcard certificate will also cover sub-domains like blog.website.com, support.website.com, or any other.
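To make the coverage rule concrete, the following added example (not part of the original article) implements the hostname matching that TLS clients apply to certificate names per RFC 6125, where the asterisk stands for exactly one left-most label. The function names and the hostnames beyond those mentioned in the text are constructed for illustration.

```python
"""Which hostnames does a certificate name cover? (added illustration)"""


def _labels(name):
    # DNS names are case-insensitive; a trailing dot is the root label.
    return name.lower().rstrip(".").split(".")


def name_covers(pattern, hostname):
    """True if certificate name `pattern` covers `hostname`.

    Rule applied (RFC 6125 section 6.4.3, as browsers enforce it): '*' is
    honoured only as the entire left-most label and matches exactly one label.
    """
    p, h = _labels(pattern), _labels(hostname)
    if "" in h or any("*" in label for label in h):
        return False                      # malformed hostname
    if any("*" in label for label in p[1:]):
        return False                      # wildcard outside the left-most label
    if p[0] == "*":
        # Require a real domain after the asterisk (rejects "*.com") and the
        # same number of labels, so the asterisk never spans a dot.
        return len(p) >= 3 and len(p) == len(h) and p[1:] == h[1:]
    if "*" in p[0]:
        return False                      # partial wildcard such as "b*.website.com"
    return p == h


def coverage(cert_names, hostnames):
    """Map each hostname to the first certificate name covering it, or None."""
    return {host: next((n for n in cert_names if name_covers(n, host)), None)
            for host in hostnames}


# Constructed sample data, based on the article's *.website.com example.
HOSTS = ["blog.website.com", "support.website.com", "www.website.com",
         "website.com", "dev.blog.website.com"]

if __name__ == "__main__":
    for label, names in [("wildcard", ["*.website.com"]),
                         ("regular", ["www.website.com"])]:
        print(label)
        for host, match in coverage(names, HOSTS).items():
            print(f"  {host:24} {'covered by ' + match if match else 'NOT covered'}")
```

The bare domain and names more than one level below it fall outside the wildcard pattern, so they need their own names on a certificate.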
The biggest drawback of a wildcard certificate is that there is no EV option, so you cannot get the green address bar in Google Chrome. This is a security decision, taken because wildcard certificates require you to share a single private key across all the sub-domains, even if they are on different servers. As such, if the private key is compromised, the security of all the sub-domains will be impacted.
Wildcard SSL vs. Domain Validated SSL Certificate
|Wildcard SSL Certificate|Domain Validated (DV) SSL Certificate|
|---|---|
|2048-bit RSA signature keys.|2048-bit RSA signature keys.|
|256-bit encryption.|256-bit encryption.|
|Covers multiple sub-domains within a primary domain.|Covers a single sub-domain within a single primary domain.|
|EV option is unavailable.|Available for all validation levels, including EV certification.|
|Private key shared across all sub-domains.|Private key for the sub-domain is not used by any other sub-domains.|
What kind of SSL Certificate do I need?
If your website has a single sub-domain and you don’t intend to add any more, you should use a domain certificate. However, if your website has multiple sub-domains and you want to secure all of them, a wildcard certificate is the more reasonable choice.