Abion / Blog / Many small certificates or one big one?
trademark renewal

As if the jungle of SSL-certificates was not hard to navigate as it is with all its combinations of levels and providers (read more here), there is also something called a “SAN” certificate. SAN stands for ”Subject Alternative Names” and is a certificate that enables the same certificate to be used on several domains/subdomains, something that would otherwise require several individual SSL-certificates.

As described in the third part of our SSL-certificate school, it is the management and renewal of an organisation’s SSL-certificates that causes the most stomach-ache for the one responsible. A SAN-certificate can often be the answer to his or her prayers since it means you only have to keep track of one certificate, with a single end date and a single supplier.

What are the advantages of a SAN-certificate versus individual certificates?

There are a great number of consolidating several “smaller” certificates by replacing them with one SAN-certificate. The primary advantage obviously being less work and less certificates to renew.

What are the potential disadvantages?

Of course there are disadvantages, otherwise everyone would be using SAN-certificates.

The primary disadvantage of using a SAN-certificate is that the certificates are all generated using the same CSR. This means that if the certificate is hacked, all SAN-certificates are affected. At the same time, the primary advantage of the SAN-certificate, the fact that you only have to renew one certificate, also its disadvantage if the renewal is neglected. If the certificate is not renewed, the certificate stops working everywhere it is being used. However, if the certificate is under control, for example managed by a trusted certificate partner, this is a small risk compared to the advantages of using a SAN-certificate.

How does one go about if one wants to start using a SAN-certificate?

Firstly, you must find out which certificates that you have and how they are currently being used.

Common usages for SSL-certificates:

  • Public websites
  • Internal systems
  • Other services that require encrypted data traffic

In a recent project, a client of ours had 18 different SSL-certificates for internal systems and services. That meant 18 different certificates to keep track of and renew. My recommendation was that we helped them set up a new SAN-certificate that included all internal systems and services.

The same can be done for public websites. However, it is important to check if the certificate owner for the sites needs to differ on the individual sites. This is because you can only have one owner on a SAN-certificate.

Regardless, it is always a good idea to separate the certificates based on areas of usage, that way you can more easily keep track of which certificate that is being used for what.

How we can help you with you management of certificates

Our aim is to ensure the same secure management of SSL-certificates as with domain names and trademarks. For maximum protection against certificates failing because of poor management, our recommendation is to always consolidate your certificates.

Let my team of experts help you with a plan for a more secure certificate management according to the following stages:

  1. The analysis
    In collaboration with you, we analyse your current certificate situation. Which certificates are there? From which providers? And so on. The analysis is summarised in a document containing a recommended action plan for optimizing the current certificate management.
  2. Creating control
    Based on the action plan, we enable the client to make sure every certificate is under control, with the aim of every certificate being managed by Abion for total control and security.
  3. Ongoing certificate partnership with portfolio management
    Abion is a gold partner of Digicert, Symantec, Geotrust and Thawte – we have the ability to provide our clients with a smooth and secure certificate partnership, with one dedicated contact and safe management.

Related reading

Alfa Romeo sign

Alfa Romeo makes a U-turn: Milano goes Junior

Trademark Management
13, May 2024
Following pressure from the Italian government, Alfa Romeo is forced to change the name of its newly unveiled SUV.
Made in Italy label

The Rising Importance of “Made in” Labels: A European Perspective

Trademark Management
11, May 2024
When consumer choices are increasingly driven by a desire for authenticity, quality, and sustainability, the signi...

This website uses cookies

Cookies ("cookies") consist of small text files. The text files contain data which is stored on your device. To be able to place some type of cookies we need your consent. We at Abion AB, corporate identity number 556633-6169 use these types of cookies. To read more about which cookies we use and storage duration, click here to get to our cookiepolicy.

Manage your cookie-settings

Necessary cookies

Necessary cookies are cookies that need to be placed for fundamental functions on the website to work. Fundamental functions are for instance cookies that are needed for you to use menus and navigate the website.

Functional cookies

Functional cookies need to be placed for the website to perform in the way that you expect. For instance to remember which language you prefer, to know if you are logged in, to keep the website secure, remember login credentials or to enable sorting of products on the website in the way that you prefer.

Statistical cookies

To know how you interact with the website we place cookies to collect statistics. These cookies anonymize personal data.

Ad measurement cookies

To be able to provide a better service and experience we place cookies to tailor marketing for you. Another purpose for this placement is to market products or services to you, give tailored offers or market and give recommendations on new concepts based on what you have bought from us previously.

Ad measurement user cookies

In order to show relevant ads we place cookies to tailor ads for you

Personalized ads cookies

To show relevant and personal ads we place cookies to provide unique offers that are tailored to your user data