Which one is better to use SSL for a group of domains, one multi or for each its own separate one?

E

Eugene2019-02-25 15:15:16

Digital certificates

Eugene, 2019-02-25 15:15:16

Tell me this question, the company has many projects. Now we use certificates either multi (for 3 domains) or separate for each.
Tell me what is the fundamental difference (we are not talking about money). What is better to use if the projects belong to the same company, are located on the same server. Buy one multiDomain certificate for 15 domains or still have a separate one for each?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

K

ky0, 2019-02-25
@ky0

The fundamental question is to pay for air in 2019 or not to pay, the rest is less important.
The argument in favor of separate certificates is that if your private key is stolen, they will not be able to use it for phishing in general of all domains, but only one. On the other hand, if all encryption takes place in one place, they will most likely steal everything at once, so it doesn’t matter.

C

CityCat4, 2019-02-27
@CityCat4

If you mean SAN - then of course you can shove all 15 names there - for some money. But for example, Apache does not allow you to bind a certificate if the site name is only included in the SAN - it needs it to be in the CN, otherwise it will not stupidly start.
Having several different certificates is certainly more expensive and more difficult to maintain, but it seems to me more reliable.