The difference between a Wildcard SSL certificate and other SSL/TLS certificates is that other certificates, which are issued to a single Fully Qualified Domain Name (FQDN), (e.g., www example.com), can only be used to secure the exact domain to which it has been issued. A Wildcard SSL certificate is issued to a “Common Name” -- *.example.com, and a Subject Alternative Name (SAN) -- *.example.com allowing the certificate to be used for an unlimited number of subdomains across an unlimited number of servers. A single Wildcard SSL certificate secures one domain -- *.example.com, and unlimited subdomains -- www.example.com, buy.example.com, dev.example.com, mail.example.com, etc.
Entrust Wildcard SSL Certificates can also secure multiple Wildcard SANs. The SAN ensures that the Wildcard certificate works with or without a subdomain: *.example.com *.example.net *.sample.com .examplesample.com
The combination of flexibility and value gives system administrators the ability to easily add subdomains without the costs or tasks involved with deploying new certificates. Plus all Entrust Wildcard SSL certificates come with a website security bundle to find malware on your website and protect it from being blacklisted.
Eliminate Malware & Vulnerabilities with SITELOCK WEBSITE SECURITY: We’ve partnered with industry leader SiteLock to bring you an extra level of security that protects your data, your business and your customers. This FREE upgraded service included with all Entrust SSL products scans your website daily, hunting down harmful code, malware or other malicious attacks that could threaten, disrupt or shut down your site.
Trust comes from meeting and beating your customer’s expectations. That’s why you should let your visitors know they are on a secure website with the Entrust Site Seal.
This easy-to-understand SSL Subscription Service Comparison chart outlines the differences between Entrust’s subscription offerings — enabling you to make the smartest decision for your organization.
Want to learn more about your Entrust Datacard product? Here you’ll find brochures, data sheets, white papers and more that provide you the information you need.
|1 year*||2 year*||3 year*|
|Regular Pricing||$699 each||$608.13 /year||$573.18 /year||BUY NOW|
|Renewal Pricing||$678.03 each||$589.89 /year||$555.98 /year||RENEW NOW|
|1 year*||2 year*||3 year*|
|Regular Pricing||$1049 each||$912.63 /year||$860.18 /year||BUY NOW|
|Renewal Pricing||$1017.53 each||$885.25 /year||$834.37 /year||RENEW NOW|
Save time and money by securing up to 250 FQDNs with a single Wildcard SSL certificate.
Avoid browser error messages and prevent your customers from seeing annoying trust dialogs.
Websites protected with SSL on every page receive a more favorable search ranking in Google.
Flexible policy allows unlimited reissues when users lose passwords or re-image machines.
Get downloads, documentation and support for your On-Demand Card Issuance products:
For immediate assistance Entrust Datacard has Customer Care Centers that are available to serve customers in the Americas, EMEA, and Asia Pacific regions.CONTACT SUPPORT
Let your visitors know they are on a secure Web site, with the Entrust Site Seal. It’s been proven that customers have increased confidence and lower “abandonment” when you use a site seal. The Entrust Site Seal establishes your business as a safe place to do online business, giving users a higher level of trust.
In today’s business environment, it is imperative that organizations establish trust with their customers online. The best way? Let your visitors know you have taken steps to ensure the security of their information by clearly displaying the Entrust Site Seal.*
Entrust is recognized as a trusted security brand for more than a dozen years, providing layered security solutions that help instill confidence for consumers, enterprise and governments. Now you can leverage that brand to help secure the identities of your own customers.
*The Entrust Site Security Seal is included with each Entrust SSL certificate. The Entrust Site Security Seal is a Web-enabled clickable logo, which is licensed to Web sites that use Entrust digital certificates.
Your website’s security is our number-one priority. That’s why Entrust OV SSL Certificates feature ECC public key encryption in our root certificates. With support for SHA-2 algorithms, Entrust SSL Certificates protect your data by offering stronger security and increased performance.
Security providers work continuously to innovate technology to upend hackers who are diligent in their efforts to craft clever new ways to steal data. Advanced ECC, while not new, uses a different approach than standard RSA. RSA draws its strength by using increasingly larger logarithms, which take more time to process. ECC, on the other hand, relies on discovering a distinct logarithm within a random elliptic curve. The larger the elliptic curve, the greater the security. Using a random formula improves the encryption strength while a smaller logarithm increases the performance of digital certificates.
ECC uses a smaller algorithm to generate keys that are exponentially stronger than RSA keys.
The smaller algorithm means less data is being verified between the server and the client, which translates to increased network performance. This is especially important for websites that experience a high level of traffic.
Entrust SSL Certificates using ECC technology are ideal for scenarios where server-load performance is critical, and site visitors and the Web/app server are known to be compatible with ECC keys.
The practice of using a single certificate, such as a Wildcard Certificate, to protect multiple servers has become more common because they’re more cost effective and provide an easier way to manage certificates. The flexibility of managing an unlimited number of subdomains to a single certificate is a nice advantage for system administrators who want to simplify SSL/TLS certificate management. However, there is a substantial risk to using Wildcard certificates without employing best practices that mitigate common vulnerabilities.
The fact that a single Wildcard certificate and its corresponding private key could be used on multiple servers, and can also be used with the appearance of legitimacy with either a fictitious or a fraudulent subdomain name leaves them open to vulnerabilities. Using a single Wildcard certificate to protect multiple servers requires exporting the key-pair from one machine and importing it into one or more other machines. This creates a security vulnerability because the private key now exists in multiple locations. Now the value of that one private key is much greater because it protects more resources.
This practice ultimately bypasses controls for those subscribers who rely on the certificate approval procedure to monitor the authorization of new servers and new domains.
There are two main attacks facilitated by multi-server certificates:
Properly managed Wildcard SSL certificates can provide increased flexibility for system administrators, but they do come with increased risk. Entrust recommends using proper safeguards when deploying Wildcard Certificates. Download the white paper for a more detailed analysis.
Entrust is more than a security company. We’re your partner — real people you can depend on to provide the security, focus and trust you deserve.
And while we do provide a full range of security solutions for all type of organizations, Entrust Certificate Services personnel have one with one purpose in mind – your protection. Let us help you build a layered, identity-based security approach through our comprehensive portfolio of SSL digital certificates and services.
Flexible licensing options lets you choose the plan that works best for your unique business environment helping you to optimize SSL certificate management not just for added value, but to actually save money.
Subject Based Program
Reusable Licenses for Changing Web Environments
Our unique Subscription based plan lets customer reuse SSL/TSL certificates for a cost effective way to plan and budget their SSL/TSL certificate inventory.
Units Based Program
Traditional Certificate License Provisioning
This is a units based system for all digital certificate types where certificates can be used for 1, 2 or 3 years, each year consuming one unit.
94% of surveyed Entrust Certificate Services customers agree the Subscription Plan is effective in saving money on digital certificates.
Source: TechValidate survey of 405 users of Entrust Datacard