The Benefits Of The UC Mobile Certificate Over Wildcard Certificates
There are many different options in SSL/TLS products and Comodo is able to provide secure, recognized and trusted certificates for all types of businesses and to match your budget requirements.
For companies, businesses or individuals using the Microsoft Exchange or Office Communications servers the use of the UCC or Unified Communications Servers is the best choice for the vast majority of our customers. Of course, we consider your needs and the size of the domain or domains you need to secure when making our recommendations.
To understand the benefits of the UC certificate, it is important to take a quick look back at meaning of SSL and its benefits. All SSL/TLS products are designed to provide a secure way to transmit data from a client to a server or between servers. This is completed through 256-bit encryption of data and the use of public and private keys that have 2048 bit signatures.
The data that is encrypted with the public key can only be decrypted with the corresponding private key. The private key is securely held on the server or servers and is never shared, resulting in a highly secure way to transmit data. The SSL/TLS certificate is used to provide verification between the client and the server that the server is a trusted source. The browser or device already has the root certificate from the certificate issuing CA (Certificate Authority) to allow the recognition as a trusted source.
The UC mobile certificate or the UCC (Unified Communications Certificate) used between a client and a server provides this secure connection. Of course, there are other options in SSL certificates that could also be used including those for single domains, Wildcard certs, Multi-Domain/SAN certs or even an EV SSL for extended validation.
The difference is that for any device and browser the UC mobile certificate works more effectively with the Microsoft Exchange and the Office Communications servers than any other option. Additionally, the next most common choice of the Wildcard is not going to be effective with some mobile devices, posing a greater risk of users seeing the security warning message when visiting the site.
Wildcards and Mobile Devices
Typically, any browser from a PC is going to recognize a Wildcard SSL certificate from a Certificate Authority that is a trusted source. This was not always the case, but today Wildcard certificates can easily be used to protect both a main domain as well as subdomains under that main domain.
Wildcards can even protect second-level subdomains and so on. The only naming convention restriction is that there can only be one wildcard (*) per certificate. So, it would be possible to have a Wildcard SSL certificate that includes *.mydomain.com where (*) could replace www, mail, photos, payments or anything else.
You could also have a Wildcard for *.mail.mydomain.com where the (*) could be used as a placeholder for second-level subdomains under mail. However, when using mobile devices that are not upgraded to Windows Mobile version 6, the Wildcard will not be accepted and will generate the security warning on the site.
The only workaround for this issue is to request an SSL certificate for both sets of possibilities, which is going to add considerably to the cost.
The Better Option
The UC mobile certificate by Comodo, on the other hand, is accepted by mobile devices. This makes it a much more effective option than the wildcard, particularly on older mobile devices.
One consideration with the older mobile devices is the listing of the primary Common Name on the certificate. It will be important to have the primary CN listed on a UC mobile certificate as the URL used on the older models of devices used to access the server.
By listing this as the primary name on the certificate and then listing all of the other alternatives in the Subject Alternative Name field of the cert there should be no problems with accessing the UC mobile certificate from any possible device on the system. Doing it the other way may, just as with the Wildcard, prevent the older browsers and devices from recognizing the SAN and showing the warning.
For more information on the UCC product and how it compares with the Wildcard SSL/TLS option, give our sales staff a call. They can review the difference with you and help you to make the right choice for your system needs. We can be reached by phone at +1 888 266 6361 or get online at https://www.instantssl.com and send us a message by chat or through our email.