1

I am running a website with multiple subdomains, each with its own SSL certificate.

It's time to renew, and while the current certificate uses SAN and has an entry for each subdomain, I am questioning the convenience of this approach - as I can find three individual SSL certificates for apparently cheaper price than a single SSL with 3xSAN entries. I am using IIS 8.5.

Are there any particular drawbacks for going for a multiple individual SSLs?

Emanuele Ciriachi
  • 111
  • 5

2 Answers2

1

Multiple SSL certificates on a single IP address requires SNI. If your clients do not support SNI, then they'll end up on whatever your default binding is. Having a SAN certificate is also potentially less maintenance, as it's just one cert to renew every year or two.

But you are correct in your assumption that SAN certificates are more expensive than 3x individual certs. This is because certificates are run like a cartel. So if you want to save a few bucks and are willing to sacrifice clients that don't support SNI - go for it. Get your three individual certs at a fraction of the price of a SAN.

Community
  • 1
Mark Henderson
  • 68,316
  • 31
  • 175
  • 255
0

A better option is, get the SSL certificate individually.

You need to spend more time in purchase and installation process, but if the budget is a concern then I suggest you to go with Individual SSL.

Note: to get more discounts and get rid of every year renewal, go with multi-year option during purchase.

Single Domain SSL vs Multi Domain SSL

  • 3 Individual SSL’s price is very low than the price of a single SAN SSL.
  • SSL management time of SAN SSL would be less compared with individual SSL management.
  • In SAN SSL, you can add/remove a domain, but in individual SSL there is no option to add/remove.

I found, Comodo Positive Multi-Domain/SAN SSL certificate which may cost you $19/year, which is I think lesser than the price of three individual SSL certificate.

Jake Adley
  • 137
  • 4