Shared SSL certificates are also known as wildcard or Server-Wide
certificates. They are used to service multiple domains.
determines a wildcard certificate as "a single certificate,
with a wildcard character in the domain name field. This allows
the certificate to secure multiple hosts within the same domain.
For example, a certificate for ' *.domain.com ', could
be used for www.domain.com, www1.domain.com, www2.domain.com,
in fact, any host in the domain.com domain. When a
client checks the host name in this certificate it uses a
shell expansion procedure to see if it matches." Wild
Card certificates can be purchased, for instance, at
According to VeriSign,
a shared SSL certificate "enables Internet Service Providers
(ISPs) to provide SSL (Secure Sockets Layer) encryption and
business authentication to Web business customers, but without
the need to issue unique digital certificates to each hosted
customer. The service offers ISPs the convenience and streamlined
management of a single specially licensed SSL digital certificate
to share among multiple hosted Web sites".
Shared SSL certificates work only within one domain level.
For example, if you get a domain name for *.domain.com,
it will work for www.domain.com and subdomain.domain.com.
But it won't work for www.subdomain.domain.com or http://domain.com
and visitors' browsers will show a warning message: "The
name on the security certificate does not match the name of
the site". The cost of the Shared SSL certificates usually
depends on the number of subdomains that it covers and varies
depending on the certificate authority.
If you have several web servers, you can install the same shared
ssl certificate to each of the servers.
To install a shared SSL certificate:
- Select Shared SSL Manager in the E.Manager menu:
- Turn Shared SSL on for the domain you would like to secure:
- The window that appears will give you two options:
- Generate a temporary wildcard certificate by clicking
the link at the top of the window;
- Enter your existent wildcard certificate by entering it
in the form. When you click the Submit button, the
certificate will be installed.
If you have created a temporary wildcard certificate, you
can request a permanent wildcard certificate in the future
from a trusted certificate authority. To install the SSL certificate,
click the Edit icon next to the domain name and enter
the certificate key and certificate file. Then click the Upload
Sometimes, you may have to use a Certificate Authority
File provided with the Certificate by your Certificate Authority
(e.g. Geotrust, Equifax, etc.). To use the Certificate Authority
File, you have to add a line to the apache config of each
virtual host that uses shared SSL. H-Sphere can do this
for you: enter the file in the Certificate Authority File
text box and click the Upload button.
Note: If you are using more than one shared IP, each
of them must have a unique shared IP tag. You can't create
more than one certificate on one shared IP tag.
- Go to Plan Edit Wizard and enable Shared SSL.
By doing this, you will also automatically enable Third Level Domain Alias,
Third Level DNS Zone, Domain Alias A DNS Record.
- If you have added a new web server and want it to be serviced
with the shared SSL certificate, click the Edit icon
next to the domain name and enter the certificate key and
certificate file in the Install completely new certificate
key and file pair boxes. Then click the Upload
button. This will update the shared SSL certificate installation
on all servers, including the newly installed one.