Skip to main content

Why Do I Need UC Multi-Domain SSL Certificates?

Aug

27

2013

Time to read

Read so far

Written by: 

Bruce Morton

Time to read

Written by: 

This certificate is sometimes called unified communications certificate (UCC), multi-domain certificate or multi-SAN certificate. In this posting, we will call them UCC or UC certificate.

The unique feature of the UC certificate is that it takes full advantage of the subject alternative name (SAN) field. In doing so, the issuer allows the certificate subscriber to request many domain names be included in the SAN fields.

The result is the UCC provides many distinct advantages:

  • Flexibility - One certificate can protect multiple domains and sub-domains owned by the certificate subscriber. This supports virtual hosting over SSL on a single IP address and allows the certificate to protect more than one name, such as https://www.example .com and https://example.com.
  • Compatibility - Some applications, such as Microsoft Exchange, require more than one domain to be protected and will also only allow one certificate to be used.
  • Security - UC certificates protect only the domains specified by the website owner. The certificate does not protect an unknown site name that an attacker has set up. This is a big advantage of a wildcard certificate.
  • Verification level - UCC can be issued using domain validation (DV), organization validation (OV) or the most secure extended validation (EV). This allows to website owner to select the level of identification that they want to present to their site users.
  • Price-effectiveness - As many domains are allowed in the certificate, the cost is generally less than requesting a certificate for each domain.

Please note that, currently, CAs are issuing UC certificates with fully qualified domain names (FQDN) and names that are not fully qualified (not registered). The SSL Baseline Requirements specify the CAs will not be allowed to issue publicly-trusted certificates with non-fully qualified names as of November 1, 2015. If you are using certificates with non-fully qualified names, then you should consider converting these addresses to FQDNs.

If you're looking for UC certificates, please visit our site and we'll be happy to serve your SSL needs.

photo-bruce-morton
Bruce Morton
Director for Certificate Services
Bruce Morton is a pioneering figure in the PKI and digital certificate industry. He currently serves as Director for Certificate Services at Entrust, where he has been employed since 1997. His day-to-day responsibilities include managing standards implementations, overseeing Entrust’s policy authority, and monitoring Entrust Certificate Services for industry compliance.
View all of Bruce's Posts
Facebook