Security Considerations of Wildcard Certificates
On the surface, a wildcard certificate might make sense: it lets you secure multiple subdomains of the same domain with a single certificate. For example, if a company owned the domain anycompany.com, a wildcard certificate for *.anycompany.com could be used to secure its subdomains. That company could then use the one wildcard to secure vpn.anycompany.com, contracts.anycompany.com and payment.anycompany.com.
The potential cost savings of wildcards have to be weighed against their security weaknesses:
- The same private key is deployed on every server that uses the wildcard. If one of those servers or sub-domains is compromised and the key is stolen, the attacker can impersonate every name the wildcard covers, not just the host that was breached. That is simply not good security practice.
- Revocation is per certificate, not per name. There is no way to revoke the SSL digital certificate for one sub-domain without revoking it for all of the other sub-domains, so a single incident forces a key rotation on every server that shares the wildcard.
- Not all applications may be compatible with wildcard certificates; in particular, many mobile applications will not work with wildcards. Even where wildcards are supported, a wildcard matches exactly one label: *.anycompany.com covers vpn.anycompany.com but not anycompany.com itself, nor dev.vpn.anycompany.com (RFC 6125, section 6.4.3).
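The two points above, the blast radius of one shared key and the hostname matching rules clients apply, are both questions of which names a given wildcard is accepted for. The following is an added example, not code from the original page or from Entrust: a small matcher implementing the wildcard rules of RFC 6125 section 6.4.3, used to list which names a single *.anycompany.com certificate (and therefore its compromised key) would be accepted for, and which names it would not match. The host names and the `anycompany.com` domain are taken from the article; the candidate list is constructed for illustration.

```python
"""Which hostnames does a wildcard certificate actually cover?

Added example (not from the original page): implements the wildcard
matching rules of RFC 6125 section 6.4.3 and applies them to a constructed
list of host names under anycompany.com.
"""


def wildcard_matches(pattern: str, hostname: str) -> bool:
    """Return True if the DNS-ID/SAN `pattern` matches `hostname`.

    Rules applied (RFC 6125 section 6.4.3):
      * comparison is case-insensitive and ignores a trailing dot
      * a wildcard is honoured only as the entire left-most label
        ("*.example.com" yes; "f*.example.com" and "a.*.example.com" no)
      * the wildcard matches exactly one label: it matches neither the
        bare domain nor deeper sub-subdomains
      * a wildcard needs at least two labels to its right, so "*.com"
        and "*" never match anything
    """
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == hostname

    p_labels = pattern.split(".")
    h_labels = hostname.split(".")

    # The wildcard must be the whole left-most label and the only wildcard.
    if p_labels[0] != "*" or any("*" in lbl for lbl in p_labels[1:]):
        return False
    # Refuse over-broad wildcards such as "*.com" or a bare "*".
    if len(p_labels) < 3:
        return False
    # One label only: same label count, no empty label in the wildcard
    # position, and every remaining label identical.
    if len(h_labels) != len(p_labels) or h_labels[0] == "":
        return False
    return h_labels[1:] == p_labels[1:]


def covered_names(san_patterns, candidate_hosts):
    """Return the candidate hosts for which a certificate carrying
    `san_patterns` would be accepted, i.e. the impersonation scope of
    its private key."""
    return [h for h in candidate_hosts
            if any(wildcard_matches(p, h) for p in san_patterns)]


if __name__ == "__main__":
    # Constructed candidate names, not from any real deployment.
    candidates = [
        "vpn.anycompany.com",
        "contracts.anycompany.com",
        "payment.anycompany.com",
        "anycompany.com",              # bare domain: not covered
        "dev.vpn.anycompany.com",      # two labels deep: not covered
        "anycompany.com.evil.example", # unrelated suffix: not covered
    ]
    for name in candidates:
        print(f"{name:32} {wildcard_matches('*.anycompany.com', name)}")
    print("covered:", covered_names(["*.anycompany.com"], candidates))
```

Running it shows the three production hosts from the article matched by the single pattern, which is exactly the set an attacker holding the shared key could impersonate, while the bare domain and any deeper subdomain are rejected, which is the compatibility surprise teams hit when they assume one wildcard covers the whole tree.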
If the reason for choosing a wildcard certificate is to reduce the complexity of managing multiple certificates, customers are better off buying individual certificates through a free certificate management service such as Entrust’s CMS. It is lower risk than a wildcard certificate and a better way of managing certificates.