You administer several customer-facing web applications hosted at account.example.com, checkout.example.com, and helpdesk.example.com. You want each subdomain to present a trusted HTTPS connection without requesting, tracking, or renewing a separate certificate every time a new subdomain is deployed. Which type of certificate issued by a public certificate authority best meets this requirement?
A wildcard certificate (for example, *.example.com) secures an unlimited number of first-level subdomains under the specified parent domain, so one certificate covers any present or future host such as account.example.com or checkout.example.com, greatly simplifying lifecycle management. A multi-domain SAN certificate can secure several hostnames, but every domain must be listed explicitly; adding another subdomain later requires re-issuance. A root certificate is a self-signed trust anchor used by certificate authorities and cannot be purchased to authenticate a commercial website. A self-signed certificate is not trusted by browsers unless the visitor manually installs the issuing root, making it unsuitable for a public e-commerce environment.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a wildcard certificate and how does it work?
Open an interactive chat with Bash
What are the advantages of using a wildcard certificate over individual certificates?
Open an interactive chat with Bash
What is the difference between a root certificate and a wildcard certificate?