I am relatively new to utilizing SSL certificates and have a question before we purchase one for our site, which is hosted on a VPS server with a dedicated IP on Site5. Our site contains data that MUST BE kept secure.
We are about to purchase an SSL for www.example.com (the domain is canonicalized, so typing in example.com will redirect to www.example.com). We also have a subdomain help.example.com, which can only be accessed by going to www.example.com and logging in (if one is not logged in, then help.example.com redirects to www.example.com to force login).
My question is, do we need to purchase a wildcard SSL to secure help.example.com and example.com as well, even though both redirect to www.example.com when not logged in? Or can we just purchase a standard SSL for one domain (www.example.com) and that will secure ALL access to the site? I just want to make sure there are no security holes accessible through other channels.