
https://example.com and https://www.example.com: Should I use one or two SSL certificates?

@Lengel546

Posted in: #Https #LetsEncrypt #SecurityCertificate

I am in the process of enabling HTTPS on my web sites. I have a web site, let's call it example.com, which is available both with and without a prefix.

I can now:


request one SSL certificate for example.com and another one for www.example.com or
request a single SSL certificate for example.com with a SAN for www.example.com.

I am aware that, from a security point-of-view, both solutions are fine (which is why I ask this question here instead of at security.stackexchange.com). Certificate renewal will be automated and the certificates themselves are free of charge (using Let's Encrypt).

Is there any reason to prefer one option over the other?


2 Comments


@Shanna517

Is there any reason to prefer one option over the other?


Assuming the use of Let's Encrypt and that each certificate lists just the www and non-www versions of a single domain, the only likely drawback to using a SAN certificate is the possibility of some compatibility issues with older browsers, mostly prior to 2003.

On the positive side, there would be only a single certificate to automate for each primary domain (e.g. [www.]example.com). However, you might still want separate certificates for true sub-domains (e.g. sub.example.com) in case they need to be updated... so this could be a tossup benefit-wise.

As a purely personal opinion, I see no reason not to use a SAN certificate in this instance unless browser compatibility is a priority.


@Michele947

You would just need to order the one cert for example.com. The www is part of it or included by default. If you wanted other sub-domains, i.e. server.example.com, then you would either need a wildcard domain cert [*.example.com] or order two to cover the extra domain. Hope this helps answer your question.

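The certificate layouts discussed in this thread (apex only, apex plus www as a SAN, and a wildcard) can be compared by checking which hostnames each SAN list actually covers. The following is an added example, not code from any poster in the thread; the function names and SAN lists are constructed for illustration, and the matching is the simplified RFC 6125 rule set (whole-label wildcards only, no IDN handling).

```python
# Added example: which hostnames does a certificate's SAN list cover?
# Simplified RFC 6125 dNSName matching as applied by TLS clients.

def _match(pattern, host):
    """Match one SAN dNSName entry against a hostname, case-insensitively."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        # A wildcard stands for exactly one label, so label counts must agree.
        return False
    if p[0] == "*":
        # Wildcard is honoured only as the entire left-most label, must match
        # a non-empty label, and is refused for two-label names like "*.com".
        return len(p) >= 3 and bool(h[0]) and p[1:] == h[1:]
    return p == h


def covered(san, host):
    """True if any SAN entry matches the hostname."""
    return any(_match(name, host) for name in san)


def uncovered(san, hosts):
    """Hostnames a client would reject for a certificate with this SAN list."""
    return [h for h in hosts if not covered(san, h)]


# Constructed SAN lists for the layouts discussed in the thread.
APEX_ONLY = ["example.com"]
APEX_AND_WWW = ["example.com", "www.example.com"]
WILDCARD = ["*.example.com"]

# Constructed hostnames a site operator might serve.
HOSTS = ["example.com", "www.example.com",
         "server.example.com", "a.b.example.com"]

if __name__ == "__main__":
    for label, san in [("apex only", APEX_ONLY),
                       ("apex + www SAN", APEX_AND_WWW),
                       ("wildcard", WILDCARD)]:
        print(f"{label:15} not covered: {uncovered(san, HOSTS)}")
```

Under these rules a wildcard entry does not cover the bare domain, and a name is covered only if it is listed in the SAN or matched by a one-label wildcard.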