+49 (0) 7245 919 581 info@eunetic.com
[EN]
Login
  1. Home
  2. Cyber Security - Terms & Definitions Knowledge Base
  3. 2. Cyber ​​threats and attack vectors
  4. Multi-Domain (SAN) Certificates Explained
Cyber Security - Terms & Definitions
Knowledge Base

Multi-Domain (SAN) Certificates Explained

Abstract Illustration of a checklist on a clipboard

  • Multi-Domain (SAN) Certificates, also known as Subject Alternative Name certificates, are digital certificates that secure multiple domain names and subdomains with a single certificate.
  • These certificates are essential for organizations managing multiple sites, allowing them to simplify their SSL/TLS management while ensuring robust security across all their domains.

Multi-Domain (SAN) Certificates

Detailed Description

Abstract Illustration of a light BulbMulti-Domain (SAN) Certificates, also known as Subject Alternative Name (SAN) certificates, are a type of digital certificate used in cybersecurity to secure multiple domain names and subdomains with a single certificate. SAN certificates are particularly useful in environments where multiple services need to be secured and managed efficiently.

A SAN certificate allows the holder to specify a list of host names to be protected by a single certificate. These can include fully qualified domain names (FQDNs), IP addresses, and local server names. This flexibility makes SAN certificates highly versatile and cost-effective, as it reduces the need for multiple certificates and simplifies management.


Common Questions

Abstract Illustration of an opened Book.Common questions about SAN certificates include:

  • How many domains can be included? Typically, a SAN certificate can include up to 100 different domain names, though this number can vary depending on the certificate authority (CA).
  • Are SAN certificates secure? Yes, they offer the same level of encryption as single-domain SSL certificates.
  • Can I add or remove names after issuance? Yes, most CAs allow you to update the SAN list during the certificate's validity period, though this might require reissuing the certificate.

Examples

Abstract Illustration of a magnifying glass.Example 1: E-commerce Business

An e-commerce company operates multiple subdomains such as store.example.com, blog.example.com, and support.example.com.

By using a SAN certificate, the company can secure all these subdomains along with the main domain example.com under a single certificate, simplifying SSL management and reducing costs.


Example 2: Corporate Environment

A large corporation with multiple departments might use hr.company.com, finance.company.com, and research.company.com. A SAN certificate can secure all these sites, ensuring that sensitive departmental information remains protected under a unified security protocol.


Security Recommendations

When using Multi-Domain (SAN) Certificates, consider the following best practices:

  • Limit the Number of SANs: Only include domains that are necessary to minimize the attack surface.
  • Use Strong Encryption: Opt for certificates that support the latest encryption standards, such as 256-bit encryption and SHA-2.
  • Regularly Update and Review: Regularly review and update the SAN list to reflect changes in your domain structure and remove any unused or outdated entries.
  • Secure Certificate Storage: Store your certificates and private keys securely to prevent unauthorized access.
  • Choose a Reputable CA: Obtain your SAN certificates from a well-established and trusted certificate authority.


References

Abstract Illustration of a laptop, with a globe displayed on it. For further reading and more detailed information on Multi-Domain (SAN) Certificates, refer to the following trusted sources:

These resources provide comprehensive insights into the technical aspects, usage scenarios, and management of SAN certificates, helping you to implement them effectively in your cybersecurity strategy.


Frequently Asked Questions

What are Multi-Domain (SAN) Certificates?

Multi-Domain (SAN) Certificates, also known as Subject Alternative Name (SAN) certificates, are digital certificates that secure multiple domain names and subdomains with a single certificate. They are used in environments where multiple domains need SSL/TLS security but managing individual certificates for each domain is impractical.

How many domains can a Multi-Domain (SAN) Certificate cover?

A Multi-Domain (SAN) Certificate typically supports up to 100 different domain names. However, the exact number can vary depending on the certificate provider. These certificates are flexible, allowing the addition or removal of domain names during the certificate's lifecycle.

What are the benefits of using Multi-Domain (SAN) Certificates?

  • Cost-effective: Reduces the cost of purchasing separate certificates for each domain.
  • Simplified management: Eases the management burden by consolidating multiple certificates into one.
  • Security: Provides the same level of encryption and security across all included domains and subdomains.

Are Multi-Domain (SAN) Certificates compatible with all servers and browsers?

Yes, Multi-Domain (SAN) Certificates are designed to be compatible with most modern servers and web browsers. They follow industry standards for encryption and authentication, ensuring broad compatibility and security.

Can I add or remove domains from a Multi-Domain (SAN) Certificate after it has been issued?

Yes, most certificate authorities allow you to add or remove domains from your Multi-Domain (SAN) Certificate. However, making changes typically requires reissuing the certificate. It's important to check with your provider about their specific policies and any potential costs associated with these modifications.

Was this article helpful?

No Yes
You may also be interested in...
Shorter SSL Lifespan – What You Need to Know

Discover why SSL/TLS certificates are now expiring faster than ever—transforming from years to just 47 days! Learn how this shift boosts security, mandates automation, and what it means for web users and developers alike.

02.06.2025 SSL certificates