When a website uses a main domain and a series of subdomains, or really even more than just a couple of subdomains, it makes a lot of sense to choose an organization Wildcard SSL certificate. To understand why this is the case and the different options to consider, Comodo can give you the basics and some advanced issues to consider.

For those new to secure website data transmission, a good starting point is an explanation of what Secure Sockets Layer (SSL) technology is. We offer more information in our knowledgebase as well as the resource section of the website.

In the Beginning of SSL

SSL, now known as TLS or Transport Layer Security, is not a recent invention. It was first developed by Netscape in 1994, although the first few versions certainly did not offer the security of the services in use today.

In its most basic form, SSL is a protocol, or a set of rules, about how servers are authenticated by clients (the browser or the device) and how data is encrypted and decrypted in communication between the browser or device and the server.

It allows a public key to be used to set up the secure communication, along with authentication of the SSL certificate on the server. The server also holds a private key that is accessible only to the files operating on that server. This private key is the only way to decrypt the information encrypted with the public key along the secure path.

Before it even starts to send data, the client (the browser or device) has to match the certificate (actually a chain of certificates) with a trusted root certificate that is embedded in the browser or device.

With a single SSL certificate, the cert only covers a named domain. This includes the Fully Qualified Domain Name or FQDN. This has three parts such as where the www is actually the subdomain name on the main domain.

To be able to cover the subdomains of the main domain, or other separate parts of the website such as or, a domain or organization Wildcard SSL certificate can be used.

This type of certificate uses an asterisk symbol, a wildcard, as a placeholder for the www on the Certificate Signing Request (CSR). In other words, when applying for an SSL certificate, you will use the FQDN in the form of * This protects both the main domain (www) and all other subdomains.
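As an added illustration (not Comodo's code), the Python sketch below shows how a client matches a hostname against the names in a wildcard certificate under the RFC 6125 rules: the asterisk stands for exactly one left-most label, so deeper subdomains and the bare domain are covered only when they are listed in the certificate as well. The name `example.com`, the sample name lists and the function names are assumptions made for the example.

```python
import ipaddress

def _labels(name):
    # DNS names are case-insensitive; ignore a trailing root dot.
    return name.lower().rstrip(".").split(".")

def name_matches(pattern, hostname):
    """Return True if a certificate name (possibly wildcard) covers hostname."""
    try:
        ipaddress.ip_address(hostname)
        return False  # IP literals are never matched against DNS names
    except ValueError:
        pass
    p, h = _labels(pattern), _labels(hostname)
    if len(p) != len(h) or "" in h or "*" in hostname:
        return False  # "*" stands for exactly one label, never several or none
    if p[0] == "*":
        # Require at least two fixed labels after the wildcard ("*.com" is rejected).
        if len(p) < 3 or "*" in "".join(p[1:]):
            return False
        return p[1:] == h[1:]
    if "*" in pattern:
        return False  # partial wildcards such as "w*.example.com" are not honoured here
    return p == h

def cert_covers(san_dns_names, hostname):
    """Check a hostname against every DNS name listed in a certificate."""
    return any(name_matches(n, hostname) for n in san_dns_names)

# Constructed samples: name lists of a hypothetical wildcard certificate.
WILDCARD_ONLY = ["*.example.com"]
WILDCARD_PLUS_APEX = ["*.example.com", "example.com"]

if __name__ == "__main__":
    for host in ["www.example.com", "mail.example.com", "example.com",
                 "a.b.example.com", "www.example.org"]:
        print(f"{host:20} wildcard-only={cert_covers(WILDCARD_ONLY, host)} "
              f"with-apex={cert_covers(WILDCARD_PLUS_APEX, host)}")
```

When planning certificate coverage, check the issued certificate's name list for the bare domain and for any multi-level subdomains, since the wildcard entry alone does not match them.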

Validation Levels

There are two different types of Wildcard SSL products. One is a domain validated certificate and the other is an organization Wildcard SSL certificate, also called an organization validated certificate.

Domain validation through a Certificate Authority (CA) such as Comodo or any other company is the lowest level. It is signified by the gold padlock and still provides the 2048-bit signatures and up to 256-bit encryption of data.

This type of validation requires the CA to confirm that the applicant's name on the CSR and the contact information provided match the WHOIS database information. The applicant can also verify that another person, such as an IT manager, is being used for the application.

With an organization Wildcard SSL certificate there is a further level of validation required by the Certificate Authority. This includes the domain level validation plus additional verification of the applicant's credentials. This can include information on specifics about the business or the individual.

These verifications or validations are typically done through trusted online resources. These are usually government databases that provide accurate information about either an individual or the registration of a business. For both a business and an individual, there will need to be a match to a physical address.

This additional level of validation required with the organization Wildcard SSL certificate provides online customers with additional information should they look at the certification. When customers hover over the trust seal, which is part of the package we offer, they will see both that your site is protected by Comodo and that you have the additional validation in place.

The organization level of validation is the highest level possible with the Wildcard product. For more information on how to utilize a Wildcard SSL/TLS certificate and the benefits of organization validation, talk to our staff. You can reach us by phone at +1 888 266 6361, or you can talk to us through the live chat system from any page on the website at

