A Wildcard SSL Certificate Tutorial For Beginners

Not everyone turns to an IT professional to complete the setup of their website or to add SSL/TLS products to the site. To provide a bit of background and to define SSL and how it benefits any website, here is a simple Wildcard SSL certificate tutorial to get anyone started.

SSL is a security protocol first introduced in 1994 by Netscape as a way to encrypt and decrypt information sent from a client (a browser or a device) to a server. SSL is now technically known as TLS, or Transport Layer Security, but it still uses the basics of the SSL technology. You will see the term written as SSL/TLS, or as one or the other. Unless you are working at an advanced level, it is easiest to consider them as using the same protocols.

At a very simple level, the technology uses a set of verifications to provide this connection. This is done through a public key that is carried in the SSL certificate. This public key is shared openly and is different from every other public key.

This certificate is issued by a Certificate Authority or CA. The CA receives a Certificate Signing Request (CSR) from an applicant to provide the SSL/TLS for a website. This Certificate Signing Request is generated on the server where the certificate will be installed. At the same time, a private key is generated that is stored just on that server and not shared with anyone else.

The CA then generates a set of files that include the certificate bundle and the public key file. These files are installed on the server through a specific process, which differs based on the server distribution and version for each platform.

The Handshake

Through what is known as an SSL handshake, the RSA key exchange occurs. This is done in a fraction of a second and sets up the secure connection that allows the encrypted information to be exchanged.

Information from the client and the server is exchanged. This includes the information that is unique to that certificate, including the public key, which is mathematically related but not identical to the private key.

The client then authenticates the server certificate. This is done through a list of embedded root certificates that are trusted sources. The Comodo root certificates are installed in 99.9% of devices, meaning our certificates are always considered to be from trusted sources.

The client then encrypts what is known as a pre-master secret with the public key. This is a value that only the corresponding private key can decrypt. As this private key is only on that server and matches that one public key, this creates the secure connection to transmit data.

The Wildcard Difference

The security basics of a Wildcard SSL certificate are the same as for a single-site SSL certificate. However, the wildcard is designed to secure both the main domain (www.something.com) and any subdomains.

A subdomain is a separate section or directory in the website under the main domain. Think of it as the difference between a book (the main domain) and a chapter in the book (a subdomain). The specific names for the subdomains can be anything you select and those names will replace the www in the name.

For example, in the domain used above (www.something.com), the subdomains could be:

  • mail.something.com
  • payments.something.com
  • abc.something.com

Typically, the subdomain names are used to identify a specific webpage that customers or clients will need to access. The subdomain will show in search engine results and can be SEO (Search Engine Optimization) developed to add to the overall ranking for the entire site.

To allow the SSL certificate to be read by the browser and to accept all the subdomains as trusted sites, the Certificate Signing Request cannot list the "www" version of the common name for the site, as this secures just that one part of the site.

Instead, by using the asterisk in place of the www, everything becomes secured with one certificate. This allows the SSL handshake to occur for both the main domain and the subdomains, fully protecting your site.
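
The matching rule behind the asterisk can be checked directly. The following is an added example, not code from this tutorial or from any CA: it applies the rule browsers use, where the asterisk stands for exactly one left-most label, so a name one level deeper or the bare something.com is only covered if the certificate lists it as well. The function names and sample hostnames are assumptions made for illustration.

```python
# Added example: which hostnames a wildcard certificate name covers.
# Names below reuse the page's something.com; the functions are illustrative.

def _labels(name: str) -> list[str]:
    """Lower-case a DNS name and split it into labels, ignoring a trailing dot."""
    return name.rstrip(".").lower().split(".")


def name_matches(cert_name: str, hostname: str) -> bool:
    """Return True if a certificate name (possibly wildcard) covers hostname."""
    pattern, host = _labels(cert_name), _labels(hostname)
    if "" in pattern or "" in host:
        return False                      # empty label: malformed name
    if "*" not in cert_name:
        return pattern == host            # ordinary name: exact match only
    # The asterisk must be the whole left-most label, and only that label.
    if pattern[0] != "*" or any("*" in label for label in pattern[1:]):
        return False
    # Require at least two fixed labels so "*.com" never matches.
    if len(pattern) < 3:
        return False
    # "*" stands for exactly one label, so the label counts must be equal.
    return len(host) == len(pattern) and host[1:] == pattern[1:]


def covered(cert_names: list[str], hostnames: list[str]) -> dict[str, bool]:
    """Map each hostname to whether any name on the certificate covers it."""
    return {h: any(name_matches(c, h) for c in cert_names) for h in hostnames}


# Constructed sample hostnames for the check.
SAMPLE_HOSTS = [
    "www.something.com", "mail.something.com", "payments.something.com",
    "something.com", "dev.mail.something.com", "www.something.org",
]

if __name__ == "__main__":
    for names in (["*.something.com"], ["*.something.com", "something.com"]):
        print(names)
        for host, ok in covered(names, SAMPLE_HOSTS).items():
            print(f"  {host:26} {'covered' if ok else 'NOT covered'}")
```

Running it prints the coverage for a certificate carrying only `*.something.com` and for one that also lists `something.com`, which makes the difference in the bare-domain row visible.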

For more information, browse through our Wildcard SSL certificate tutorial pages in the knowledgebase. You can also give our sales staff a call at +1 888 266 6361 or talk to us online at https://www.instantssl.com. We will make sure your questions are answered.
