Secure Sockets Layer (more commonly referred to as SSL) is the known industry standard used by millions of websites for protecting online transactions with their customers. SSL used for making an encrypted link between a web server and a browser. This encrypted link guarantees that all data transferred between both ends remain private and intact.
To establish a secure connection, a web server needs an SSL Certificate. To activate SSL on your server, you will need to choose the correct SSL type as per your requirement. This guide will explain the core differences between SSL types.
Single-name SSL certificates protect a single sub-domain (hostname). For example, if you purchase a certificate for www.example.com it will not secure my.example.com.
At the sole discretion of the certificate authority, if you purchase a single-name certificate for the www hostname (www.example.com), the certificate may also include the root domain (example.com).
Multiple SSL SAN
A SAN (Subject Alternative Name) certificate allows for multiple domain names to be protected with a single certificate. For example, you could get a certificate for example.com, and then add more SAN values to have the same certificate protect mydomain.org, mydomain.net, and even example.com.
In most cases, the SAN values can be changed at any time during the life of the certificate – you’d just need to change the value, and then do a re-issue.
A Wildcard SSL certificate allows you to secure multiple sub-domains with just one certificate. In many cases, the wildcard certificate makes more sense than a SAN (Subject Alternative Name) because it allows for unlimited sub-domains and you don’t need to define them at the time of purchase.
You can add sub-domains without having to redeploy the certificate. For example, you could use a wildcard certificate for the domain name example.com and that certificate would also work for my.example.com, my1.example.com, and any other sub-domain. The wildcard refers to the fact that the certificate is provisioned for *.example.com so that the certificate would just work, no reissue required.