San vs. Wildcard Certificates: What's the difference?

This article will outline the difference between wildcard and SAN SSL certificates.

Wildcard Certificates

A wildcard certificate allows for unlimited number of subdomains to be protected with a single certificate. For example, you could use a wildcard certificate for the domain name and that cert would also work for, and any other subdomain. The wildcard refers to the fact that the cert is provisioned for *

SAN Certificates

A SAN (Subject Alternative Name) certificate allows for multiple unique domain names to be protected with a single certificate. For example, you could purchase a certificate for, and then add more SAN values to have the same certificate protect, and even

Depending on the specific brand and certificate product, the SAN cert will include either one or four additional domains at the price quoted on our chart. Additional SAN values can usually be added up to a maximum number of either 25 or 101 total domains (including the base domain).

In most cases, the SAN values can be changed at anytime during the life of the certificate – you’d just need to change the value in the reissuance portal, and then do a free re-issue.

When to choose a wildcard, and when to choose a SAN

Wildcard certificates are great for protecting multiple subdomains on a single domain. In many cases, the wildcard cert makes more sense than a SAN because it allows for unlimited subdomains and you don’t need to define them at the time of purchase. You could provision * and in at anytime during the life of the certificate, you decided to add or, that cert would just work, no reissue required.

If, on the other hand, you need to protect multiple domain names, then the SAN certificate might be the right choice. Protecting alternative domains with the same website ( and is a great example. One caveat – you need to define the additional domains and add them to the certificate for it to work.

SAN certificates, like wildcard certs, are a great way to save some money and also to make administration a bit easier as you can reduce the number of certificates provisioned since they cover multiple domains.

Was this article helpful? 0 out of 0 found this helpful
Have more questions? Submit a request