This is a fair and honest analysis of the benefits and drawbacks of Wildcard SSL
An Wildcard SSL Certificate is among the most flexible types of certificates that are available. With just one certificate, you can secure any website and all its sub-domains.
Simple, right? What are the advantages and disadvantages of having an Wildcard SSL certification? Let’s look.
Advantage: Secure unlimited sub-domains
Many websites have subdomains. It’s a common feature of web design. What you intend to use your subdomains for is your choice However, regardless of what they are used for they must be secured. Prior to the time that Wildcard SSL certificates were created the process of securing websites with sub-domains was more challenging. It’s not anymore. With just one wildcard certificate, you can get:
Domain.com
Mail.domain.com
Members.domain.com
Dev.domain.com
As well as any other sub-domains you might possess. Use an asterisk to indicate the level of sub-domain you wish to protect when filling in Your Certificate Signature Request. Easy!
The benefit: Wildcards can be less expensive than other alternatives.
Prior to Wildcards were introduced, you’d need to buy an independent SSL certificate for each sub-domain. That’s expensive! It’s expensive! Wildcard SSL certificate can secure an unlimited number of subdomains for a single price. It’s a lot less than alternatives.
Advantage: Easier Certificate Management
Similar to how Wildcards are more affordable than the option of securing each sub-domain separately and are a far more secure method to protect your website’s footprint from an administrative and technical point of view. In the end, you’re not having to manage multiple certificate accounts, managing multiple renewal dates and installation dates and continually adding more as your business grows. You’re only managing one certificate. Simple!
Advantage: Wildcards Scale Better
Cheap wildcard SSL Certificates will grow with the growth of your business. If, within the lifetime that you have your Wildcard SSL certificate you choose to add an additional sub-domain to your site, your certificate will cover it automatically. There is no need to issue a new Wildcard certificate in order for the new domain. Wildcards can be used in the future.
Are there any negatives in using Wildcards?
Yes, but they’re much less prominent than the advantages associated with Wildcard certificates. The main drawbacks of an unrestricted wildcard are:
It is only valid for one sub-domain level. If you’re trying to secure sub-domains on various levels, you’ll require the Wildcard for each level of sub-domain you’re trying to secure.
If there are multiple parties that manage the subdomains of your website it could be necessary to share the private key with your company and/or vendors which increases the risk of an unauthorised party gaining access to your private key
It is important to remember that even if you are using just one private and certificate across multiple servers, a compromise could necessitate reissuing the certificate for all servers.
Certain older mobile operating systems, like Windows Mobile 5, do not recognize the wildcard symbol. (*).
For the majority of websites, the advantages of wildcard certificates outweigh the drawbacks.