We can expect that the term Subject Alternative Name (SAN) will likely not make the list of top 10 annoying office phrases anytime time soon. While we can rest assured that it will remain a technical term limited to the IT field, here's what you need to know to know about SANs to ensure that all of the names that you want secured are covered with the purchase of an SSL/TLS certificates.
A SAN or subject alternative name is a structured way to indicate all of the domain names and IP addresses that are secured by the certificate. Included on the short list of items that are considered a SAN are subdomains and IP addresses.
First, let me show you the anatomy of a basic URL or web address.
When additional actions on a website need to be secured, the SANs need to be included on an SSL/TLS certificate so that the DNS server can resolve the IP address to the domain name. This will give the page the HTTPS indicator that meets browser guidelines and that give visitors confidence to transact on your website.
This is what the SANs would like in the certificate details:
SAN 1: DNS Name=example.com
SAN 2: DNS Name=www.example.com
SAN 3: DNS Name=example.net
SAN 4: DNS Name=mail.example.com
SAN 5: DNS Name=support.example.com
SAN 6: DNS Name=example2.com
SAN 7: IP Address=93.184.216.34
SAN 8: IP Address= 2606:2800:220:1:248:1893:25c8:1946
The SANs information appears in the SSL/TLS certificate details that can be viewed by clicking on the locked padlock in the address bar of most web browsers.
This screen captures how the Subject Alternative Name field displays the various SANs in certificate details
EV Multi-domain or OV SSL/TLS certificates are sometimes used in environments where IT administrators need to frequently add, change, or remove domains. Having the ability to secure multiple names across different domains on a single certificate provides flexibility, efficiencies and cost savings.
Before you purchase your SSL/TLS certificate, list all of the different domains, sub-domains and IP addresses that need to be secured. Most IT ecosystems use a variety of SSL/TLS certificates. Understanding how many domains and sub-domains need to be secured is an important first step in determining the SSL/TLS certificate mix needed for the project.
When you are ready to purchase, let Entrust's TLS/SSL certificate offerings be your next step towards securing your project.
Additional Resources
Other Blog Posts in this Series:
- SSL/TLS Certificate Types – Choosing the Right One for Your Use Case
- SSL/TLS Verification – Digital Identity for Your Website
- What is a CSR and How Do I Get One?
- What's the Difference between a Public and Private Trust Certificate?
- How to Build an SSL/TLS Certificate | The Five Simple Steps That Bring You to HTTPS