We can expect that the term Subject Alternative Name (SAN) will likely not make the list of top 10 annoying office phrases anytime time soon. While we can rest assured that it will remain a technical term limited to the IT field, here's what you need to know to know about SANs to ensure that all of the names that you want secured are covered with the purchase of an SSL/TLS certificate.

A SAN or subject alternative name is a structured way to indicate all of the domain names and IP addresses that are secured by the certificate. Included on the short list of items that are considered a SAN are subdomains and IP addresses. 

First, let me show you the anatomy of a basic URL or web address.

Anatomy of URL

When additional actions on a website need to be secured, the SANs need to be included on an SSL/TLS certificate so that the DNS server can resolve the IP address to the domain name. This will give the page the HTTPS indicator that meets browser guidelines and that give visitors confidence to transact on your website.

This is what the SANs would like in the certificate details:

SAN 1: DNS Name=example.com
SAN 2: DNS Name=www.example.com
SAN 3: DNS Name=example.net
SAN 4: DNS Name=mail.example.com
SAN 5: DNS Name=support.example.com
SAN 6: DNS Name=example2.com
SAN 7: IP Address=
SAN 8: IP Address= 2606:2800:220:1:248:1893:25c8:1946

The SANs information appears in the SSL/TLS certificate details that can be viewed by clicking on the locked padlock in the address bar of most web browsers.

san certificate

This screen captures how the Subject Alternative Name field displays the various SANs in certificate details

EV Multi-domain or  UC SSL/TLS certificates are sometimes used in environments where IT administrators need to frequently add, change, or remove domains.  Having the ability to secure multiple names across different domains on a single certificate provides flexibility, efficiencies and cost savings.   

Before you purchase your SSL/TLS certificate, list all of the different domains, sub-domains and IP addresses that need to be secured. Most IT ecosystems use a variety of SSL/TLS certificates. Understanding how many domains and sub-domains need to be secured is an important first step in determining the SSL/TLS certificate mix needed for the project.

7-Part Blog Series

  1. SSL/TLS 101 – Why Do I Need an SSL/TLS Certificate
  2. SSL/TLS Certificate Types – Choosing the Right One for Your Use Case
  3. SSL/TLS Verification – Digital Identity for Your Website
  4. What is a SAN (Subject Alternative Name) and how is it Used?
  5. What is a CSR and How Do I Get One?
  6. What's the Difference between a Public and Private Trust Certificate?
  7. How to Build an SSL/TLS Certificate | The Five Simple Steps That Bring You to HTTPS

Additional Resources

How to Identify an Authentic Website
How Does SSL/TLS Work?
Bi-Weekly Certificate Management Demo


Diana Gruhn

Diana Gruhn

Diana Gruhn is a Senior Product Marketing Manager at Entrust Datacard, the brand that offers trusted identities and secure transaction technologies for entirely reliable and secure IT ecosystems. She has been working in the high technology industry for 10+ years and is enthusiastic about helping businesses stay secure as well as the people who transact with them.