Last decade has seen a phenomenal growth in the usage of Internet. Accepted round the globe unanimously with wide arms, Internet has now become a part of everyone’s daily life. Everybody is now online, and in more ways than one would’ve imagined. People use Internet for checking news, keeping a tab on their favorite sports, listening music, watching movies, professional conversations, interacting with new people, online shopping etc.
Online shopping is easy, ubiquitous, provides a broad range of options to choose from, and most importantly saves time. Businesses now realize the importance of being online, and most of them have websites showcasing and selling their products. But it isn’t that easy to turn a visitor on your website into a customer.
Netizens today are smart and well aware of the security threats online that can jeopardize their confidential data. They need assurance that you are genuine, your website is genuine and most importantly that you’ve proper security system in place to ensure the safety of their confidential information like credit card details, personal details, transaction info, etc.
A majority of online businesses hence use SSL certificates to reflect their reliability. SSL certificates not only secure the online transactions but are also visible proof that the particular website that showcases them is genuine, secure and reliable. But SSLs can be expensive at times.
Say your website has multiple sub-domains, such as yourwebsite.com, blog.yourwebsite.com, login.yourwebsite.com etc. A conventional SSL certificate will only secure one of these domains; to secure others, you’ll have to buy multiple SSLs, which will be capital intensive. If a potential customer visits blog.yourwebsite.com instead of yourwebsite.com and his browser warns him that this page is probably not secure, he might back off.
This is where WildCard SSLs come into the picture. A single WildCard SSL can protect multiple sub-domains on a single server and IP address, thus providing you both convenience (as you don’t need to administer several separate SSL Certificates for each sub-domain) and affordability.
WildCard SSL Certificate provide the same stringent level of security, as they hold the same encryption and decryption technology as other conventional certificates. All you need to do to secure multiple domains with WildCard SSLs is that at the time of installation, just add an asterisk (*) in the subdomain area of the common name, which you want to be protected. For instance, if you configure *.yourwebsite.com, you can secure www.yourwebsite.com, photos.yourwebsite.com, blog.yourwebsite.com, payment.yourwebsite.com and so on. The * hence represents the wildcard part of the SSL certificate. * can be any sub domain that you want to secure with the same base domain.
For a detailed idea of how WildCard SSLs work, please refer to my previous post.
How to Install a Wildcard SSL certificate in WHM
- Login to your Web Host Manager (WHM) control panel.
- Go to the left menu and click on ‘Install a SSL Certificate and Setup the Domain’.
- Now Copy and paste the contents of your WildCard SSL Certificate (yourwebsite.crt) into the first text area. Access the text version of your certificate by opening it with a text editor. Remember to include the BEGIN and END tags while copying and pasting the certificate.
Copy Certificate to Notepad and include the BEGIN and END tags
- Let the rest of the text areas to be automatically filled.
- Double check that the SSL key and CA bundle are accurate.
- Now change the WildCard domain name to match the actual account domain name.
- Ensure that the username and IP address match the actual account involved.
Common Compatibility Errors with WildCard SSL Certificates
While most of of the platforms and devices are thoroughly compatible with WildCard SSLs, there are some which might have issues. For eg. if a certificate isn’t trusted by a customer’s mobile browser, he/she may face compatibility issues on his mobile device. This particular error is rife with old Windows Mobile 5 devices.
In addition, Microsoft Office Communication Server, Microsoft Lync Server and Oracle Wallet Manager do not accept wildcards. Likewise, there are some outdated and ‘Basic’ versions of browsers that don’t support a “Certificate Request”, thus making the certificate look invalid due to lack of verification.
The only way to prevent such unfortunate errors is to purchase WildCard SSL from a trusted provider of WildCard SSL Certificates that issues a certificate which most users’ browser can rely on.
Wrapping things up!
As already mentioned, WildCard SSL is a great product which gets rid of individualized costs and provides easier web security administration in a cost-effective manner. However they too have their own share of limitations, one of them being the compatibility issue mentioned above. IT Professionals and Web Security Experts should hence carefully gauge which domains and sub-domains they want to protect and the effectiveness of the WildCard SSL Certificate in protecting them to reap the benefits properly.
