I am relatively new to utilizing SSL certificates and have a question before we purchase one for our site, which is hosted on a VPS server with a dedicated IP on Site5. Our site contains data that MUST BE kept secure.
We are about to purchase an SSL for www.example.com (the domain is canonicalized, so typing in example.com will redirect to www.example.com). We also have a subdomain help.example.com, which can only be accessed by going to www.example.com and logging in (if one is not logged in, then help.example.com redirects to www.example.com to force login).
My question is, do we need to purchase a wildcard SSL to secure help.example.com and example.com as well, even though both redirect to www.example.com when not logged in? Or can we just purchase a standard SSL for one domain (www.example.com) and that will secure ALL access to the site? I just want to make sure there are no security holes accessible through other channels.
Thanks for your help.
]
Answer #1
Hello
If possible, the cheapest solution for you would be to move the help.* sub domain to a sub directory of your main domain (www.domain.com/help). This would allow you to just use 1 SSL to cover the whole system.
If the two sites must be on different domains (www.* and help.*) and the two sites can be hosted on different cpanel accounts (on the same server) then what I would recommend is picking up 2 different SSL certs. Keep in mind you will need a dedicated IP for each site in this situation.
If they need to be under the same account (as well as using 2 different domains) then you would need to use a wild card SSL.
I hope this was helpful and if you have any other questions, please feel free to let us know.
Happy Hosting!