Rate this article: (5 votes, average: 4.60)
Do I need a different SSL certificate for WWW and without versions of my website?
Many customers ask us whether their SSL certificate covers both the WWW and non-WWW variations of their domain. Yes, it will. All Comodo SSL certificates secure both the WWW and non-WWW variations of your website. You don’t need a separate SSL for www and non www.
Per WWW standards, even though your website may be the deployed as “domain.com,” it will also deploy as “www.domain.com.” Many people mistakenly categorize the WWW as a separate sub-domain. It’s actually an alias for the non-WWW domain. WWW is a DNS naming structure.
There is some misinformation out there about this topic. After all, SSL is an encryption-based protocol that will only secure the domain it has been issued for.
That’s incorrect, almost all CAs – including Comodo – secure both WWW and non-WWW variations with a single certificate. When you generate your certificate signing request (CSR) for your WWW website, it will automatically cover the non-WWW variation as well.
So if you generate a certificate for www.domain.com, it will also secure domain.com. The browser will show the protocol you’re using, HTTPS, at the front of each address, too. You have nothing to worry about.
You can find a selection of Comodo SSL certificates right here:
Tip: You can typically save a significant amount by buying your SSL certificate direct instead of through your web hosting company. We sell all Comodo SSL certificates at up to 75% off.Compare SSL Certificates
If your SSL certificate doesn’t work on both WWW and non-WWW variations, then you sure didn’t buy it from us. But we’ll help you anyway.
One of the easiest ways to get around this problem is to redirect your visitors from the non-WWW domain to the WWW version. Just use 301 redirects and you’ll be fine.
Additionally, you could purchase a Wildcard certificate, which will protect all sub-domains (even WWW), and install that on your server. We really wouldn’t recommend using a Wildcard this way, though. It’s cheaper, and far easier, to just use a CA that allows you to secure both—like Comodo.