Rate this article: (2 votes, average: 3.00)
One of the questions our customers come to us with the most is about where they can find the mythical Wildcard EV SSL certificate to activate the green address bar across multiple subdomains. Unfortunately, much like unicorns and rental cars that haven’t been smoked in–they don’t actually exist.
But there is an option that works…
If you want to secure multiple subdomains with an EV SSL certificate, your best bet is a multi-domain SSL.
Buy A Multi-Domain EV SSL – From $129.05/year
The requirements for issuing an Extended Validation SSL certificates have been meticulously refined by the CA/B Forum over the years. In fact, the EV baseline requirements are the entire reason the CA/B Forum exists. These guidelines dictate strict requirements for validating EV certificates, the reason being that EV warrants a powerful unique visual indicator that is specific to the domain in question.
By its very nature, a Wildcard undermines this level of authentication. Wildcards are meant to be deployed on websites with sub-domains, they can be re-issued to secure newly added sub-domains during their lifespans. This lack of oversight doesn’t mesh well with what’s required for EV. Put simply, there is no EV Wildcard product for security reasons.
If Wildcards could be issued at the EV level it means that any qualifying sub-domain would receive an EV indicator despite not undergoing to requisite validation. This creates attack vectors where a single sub-domain could be compromised and used to phish users with an EV indicator. This, in turn, would undermine trust in the entire EV ecosystem. While there’s not a high probability that this would be exploited, the fact it’s possible is enough to keep CAs from offering EV Wildcards.
You’re going to need to purchase an EV Multi-Domain certificate and list each domain and sub-domain individually as SANs. This will allow you to secure each domain and sub-domain with the green address bar.
Buy A Multi-Domain EV SSL @ $129.05/year