Entrust Wildcard SSL Certificates

Entrust Wildcard SSL Certificates

The Most Powerful Wildcard Certificate on the Market

Wildcard SSL certificates secure a domain and all of its sub domains on an unlimited number of servers. Entrust’s Wildcard SSL is the only Wildcard certificate to also support up to 250 Subject Alternative Names (SANs) allowing you to add non-related domain names and even non-related wildcard domains in one certificate.

Entrust Wildcard SSL Certificates offer a great combination of flexibility and value, allowing system administrators to future-proof the addition of more sub-domains while streamlining management. Plus all Entrust Wildcard SSL certificates come with a website security bundle to find malware on your website and protect it from being blacklisted.

The Entrust Trustworthy Seal

Trust comes from meeting and beating your customer’s expectations. That’s why you should let your visitors know they are on a secure website with the Entrust Site Seal. Our seal makes it easy to visibly show that you have taken steps to ensure your site transactions are secure. Once you make your Entrust SSL purchase, you gain access to your individualized seal. Once you’ve posted the seal on your website, your visitors will be able to click on it and easily verify your site’s authenticity and certificate status.

Learn more about the Entrust Trustworthy Seal

How does a Wildcard SSL Certificate Work?

The difference between a Wildcard SSL Certificate and other certificates like a Standard SSL Certificate is that a Standard Certificate, which is issued to a single Fully Qualified Domain Name (e.g., www.yourdomain.com), can only be used to secure the exact domain to which it has been issued.

A Wildcard SSL Certificate is issued to a “Common Name” of *.example.com and a Subject Alternative Name (SAN) of *.example.com. The wildcard allows the certificate to be used on an unlimited number of subdomains across an unlimited number of servers. Entrust Wildcard SSL Certificates can also secure Multiple Wildcard SANs.

The SAN ensures that the SSL works with or without a subdomain:

  • *.example.com
  • *.example.net
  • *.sample.com
  • *.examplesample.com

Safe Use of Wildcard Certificates

Wildcard Certificates offer great flexibility to system administrators who wish to minimize management through an unconstrained number of sub-domains within one certificate (e.g., *.company.com could represent dev.company.com, marketing.company.com, sales.company.com, etc.).


Wildcard Certificates also pose substantial risks. Wildcard Certificates can be used with the appearance of legitimacy with either a fictitious or a fraudulent sub-domain name. In addition, a single wildcard certificate and its corresponding private key could be used on multiple servers. In fact, it is the ease of management that makes it a more common, though ill-advised practice.

Ultimately, a Wildcard Certificate bypasses controls for those subscribers who rely on the certificate approval procedure to control the authorization of new servers and new domains.


Wildcard Certificates are subject to the following attack:

Impersonation Attack: luring a victim to a fraudulent resource in the certified domain through phishing.

Properly managed wildcard SSL certificates can provide increased flexibility for system administrators, but they come with increased risk. Entrust recommends using proper safeguards when deploying Wildcard Certificates.

For a more detailed analysis, please read “The Safe Use of Wildcard & Multi-Server Certificates.

Safe Use of Multi-Server Digital Certificates

The practice of using a single certificate, such as a Wildcard Certificate, to protect multiple servers has become more common, because of the reduced cost of certificate acquisition, and the ease of management that it entails.


However, this practice necessitates exporting the key-pair from one machine and importing it into one or more other machines. The procedure necessarily entails a reduction in assurance, because the private key exists in multiple locations. At the same time, the value of that one private key is much greater because it protects more resources.


There are two main attacks facilitated by multi-server certificates:

Eavesdrop: where an insider has the ability to intercept user traffic
Impersonation: an attacker impersonates a genuine resource in the domain

Properly managed wildcard SSL certificates can provide increased flexibility for system administrators, but they come with increased risk. Entrust recommends using proper safeguards when deploying Wildcard Certificates.

For a more detailed analysis, please read “The Safe Use of Wildcard & Multi-Server Certificates.

Front Line Encryption

Your website’s security is our number one priority. That’s why Entrust certificates feature hybrid 256-bit pre-shared and 2048-bit public key encryption in our root certificates. With support for SHA-1 and SHA-2 algorithms, Entrust SSL Certificates protect your data by offering security that benefits from the best features of both symmetric and asymmetric encryption.

Discover Entrust's Hybrid Cryptosystem

Wildcard SSL Pricing

 1 Year*2 Year*3 Year* 
Regular Pricing$699 each$608/year$573/yearBuy Now
Renewal Pricing$678 each$590/year$556/yearRenew Now

Additional Benefits & Features

  • Quick Issuance
    Entrust verification begins immediately based upon your certificate request, and your certificate is usually ready within 1-2 days.
  • Easy Purchase
    Certificates can be easily purchased online with a credit card of by calling an Entrust representative.
  • Website Security Bundles
    Website Security Bundles help find malware on your website and protect it from landing on search engine and email blacklists.
  • Multi-Domain Capabilities
    Save time and money by securing up to 250 fully qualified domains with a single SSL certificate.
  • Established Browser Trust
    Prevent your customers from seeing annoying trust dialogs.

  • Unlimited Issuance Policy and Server Licenses
    Enable flexible certificate re-issuance when users lose passwords or re-image machines, and install your certificates on an unlimited number of servers
  • Self-Service Certificate Creation
    Eliminates the wait for manual certificate issuance
  • Convenient Expiry Notifications
    Lessens the risk of inadvertent certificate expiration
  • SHA-1 or SHA-2 Signing Capabilities
    Options to sign your certificate with SHA-1 or SHA-2.
  • SSL Certificate Expertise
    Entrust customer service experts are available to help you through every step of the certificate management lifecycle.


How to Buy Wildcard SSL Certificates

Before you submit your Wildcard SSL Certificate request to Entrust, please ensure you have the following information:

  • Certificate Signing Request (CSR)
  • Domain is registered to your organization
  • A business phone number that can be found through a third-party directory
  • Billing, technical, authorization and corporate authority contact details
  • Payment method (see below)
  • Back up of your private key
  • Business headquarters and incorporation information

For additional inquires or assistance when buying an Entrust Wildcard SSL Certificate, please review the Entrust SSL Certificate Enrollment Guide.

Credit Cards

Payment Information
Entrust accepts American Express®, Visa® and Master Card®. The credit card will not be debited until the SSL certificate has been issued. An online receipt is provided at the end of the payment process. Purchase orders will be accepted for orders of US $1,000 or more. Once a purchase order has been accepted by Entrust sales, customers will be provided with information on how to submit SSL certificate (Wildcard) orders.

For further information about our digital SSL certificates or to place a purchase order, please call 1-888-690-2424 or contact us online.

Online Ordering & Support
If you are using a proxy server, you may experience problems when ordering online. For further information, please contact Entrust Certificate Services Support.

Interested in Entrust SSL?