The Most Powerful Wildcard Certificate on the Market
Wildcard SSL certificates secure a domain and all of its sub domains on an unlimited number of servers. Entrust’s Wildcard SSL is the only Wildcard certificate to also support up to 250 Subject Alternative Names (SANs) allowing you to add non-related domain names and even non-related wildcard domains in one certificate.
Entrust Wildcard SSL Certificates offer a great combination of flexibility and value, allowing system administrators to future-proof the addition of more sub-domains while streamlining management. Plus all Entrust Wildcard SSL certificates come with a website security bundle to find malware on your website and protect it from being blacklisted.
How does a Wildcard SSL Certificate Work?
The difference between a Wildcard SSL Certificate and other certificates like a Standard SSL Certificate is that a Standard Certificate, which is issued to a single Fully Qualified Domain Name (e.g., www.yourdomain.com), can only be used to secure the exact domain to which it has been issued.
A Wildcard SSL Certificate is issued to a “Common Name” of *.example.com and a Subject Alternative Name (SAN) of *.example.com. The wildcard allows the certificate to be used on an unlimited number of subdomains across an unlimited number of servers. Entrust Wildcard SSL Certificates can also secure Multiple Wildcard SANs.
The SAN ensures that the SSL works with or without a subdomain:
|Used when you need||SSL/TLS Security for multiple first level sub domains where domain name are changing frequently|
|Validation||OV (Organization Validation)|
|Key Usage||Server to Server AuthClient to Server Auth|
|Secures both www.domain.com & domain.com|
replace www with *
|Base Number of Names (domains included)||1|
|Additional Names (optional $)||Up to 250!|
Sub-domains (free) or
(when GREEN, you can purchase up to 250 SANs)
|Malware Scan||Basic Website Security bundle|
|Site seal with real time status check|
|Management console with free reissues and unlimited server licensing|
|RSA + ECC 2048 bit / 3072 bit / 4096 bit|
|Elliptic curve cryptography (ECC)|
|Desktop and mobile device compatibility||99.9%+|
and 30 day refund
Safe Use of Wildcard Certificates
Wildcard Certificates offer great flexibility to system administrators who wish to minimize management through an unconstrained number of sub-domains within one certificate (e.g., *.company.com could represent dev.company.com, marketing.company.com, sales.company.com, etc.).
Wildcard Certificates also pose substantial risks. Wildcard Certificates can be used with the appearance of legitimacy with either a fictitious or a fraudulent sub-domain name. In addition, a single wildcard certificate and its corresponding private key could be used on multiple servers. In fact, it is the ease of management that makes it a more common, though ill-advised practice. Ultimately, a Wildcard Certificate bypasses controls for those subscribers who rely on the certificate approval procedure to control the authorization of new servers and new domains.
Wildcard Certificates are subject to the following attack:Impersonation Attack: luring a victim to a fraudulent resource in the certified domain through phishing.
Safe Use of Multi-Server Digital Certificates
The practice of using a single certificate, such as a Wildcard Certificate, to protect multiple servers has become more common, because of the reduced cost of certificate acquisition, and the ease of management that it entails.
However, this practice necessitates exporting the key-pair from one machine and importing it into one or more other machines. The procedure necessarily entails a reduction in assurance, because the private key exists in multiple locations. At the same time, the value of that one private key is much greater because it protects more resources.
There are two main attacks facilitated by multi-server certificates:Eavesdrop: where an insider has the ability to intercept user traffic Impersonation: an attacker impersonates a genuine resource in the domain. Properly managed wildcard SSL certificates can provide increased flexibility for system administrators, but they come with increased risk. Entrust recommends using proper safeguards when deploying Wildcard Certificates.
Front Line Encryption
Your website’s security is our number-one priority. That’s why Entrust OV SSL Certificates feature ECC public key encryption in our root certificates. With support for SHA-2 algorithms, Entrust SSL Certificates protect your data by offering stronger security and increased performance.
Additional Benefits & Features
- Quick Issuance
Entrust verification begins immediately based upon your certificate request, and your certificate is usually ready within 1-2 days.
- Easy Purchase
Certificates can be easily purchased online with a credit card of by calling an Entrust representative.
- Website Security Bundles
Website Security Bundles help find malware on your website and protect it from landing on search engine and email blacklists.
- Multi-Domain Capabilities
Save time and money by securing up to 250 fully qualified domains with a single SSL certificate.
- Established Browser Trust
Prevent your customers from seeing annoying trust dialogs.
- Unlimited Issuance Policy and Server Licenses
Enable flexible certificate re-issuance when users lose passwords or re-image machines, and install your certificates on an unlimited number of servers
- Self-Service Certificate Creation
Eliminates the wait for manual certificate issuance
- Convenient Expiry Notifications
Lessens the risk of inadvertent certificate expiration
- SHA-1 or SHA-2 Signing Capabilities
Options to sign your certificate with SHA-1 or SHA-2.
- SSL Certificate Expertise
Entrust customer service experts are available to help you through every step of the certificate management lifecycle.
|Trust comes from meeting and beating your customer’s expectations. That’s why you should let your visitors know they are on a secure website with the Entrust Site Seal. Our seal makes it easy to visibly show that you have taken steps to ensure your site transactions are secure. Once you make your Entrust SSL purchase, you gain access to your individualized seal. Once you’ve posted the seal on your website, your visitors will be able to click on it and easily verify your site’s authenticity and certificate status. More|