Multi-Domain (SAN) SSL Certificates

1 min read SSL/TLS & Certificates

Multi-Domain (SAN) SSL Certificates

Multi-Domain SSL certificates, also known as Subject Alternative Name (SAN) certificates or Unified Communications Certificates (UCC), secure multiple distinct domains and subdomains within a single certificate. Unlike wildcards that cover unlimited subdomains under one domain, SAN certificates explicitly list each protected hostname. This approach provides flexibility to secure completely unrelated domains like example.com, example.net, and differentcompany.org under unified management.

The technical foundation of SAN certificates lies in the X.509 Subject Alternative Name extension, which allows certificates to contain multiple DNS names. Modern SAN certificates can include 100-250 hostnames, though practical limitations and certificate authority policies typically recommend fewer for manageability. Each listed hostname receives full protection, and browsers validate that the accessed hostname appears in the certificate's SAN field.

SAN certificates excel in complex hosting scenarios where organizations manage multiple brands, domains, or services that don't share a common domain structure. Mergers and acquisitions often result in disparate domain portfolios that benefit from consolidated management. Multi-brand retailers, holding companies with various subsidiaries, or service providers managing client domains find SAN certificates provide the flexibility needed for their diverse infrastructure.