How to Install a Wildcard SSL Certificate on Multiple Servers?
Install a Wildcard SSL Certificate on multiple servers is possible but only a few users would know that. Because most users believe that Wildcard SSL certificates can secure secures the main domain and all its additional sub-domains of a single server only.
A simple SSL certificate only protects one domain or one sub-domain, but there are other types of SSL certificates such as Wildcard certificates who extend encryption security to multiple sub-domains. You can compare Wildcard SSL Certificates because are available in different brands at different rates and varied features.
How to Install Wildcard SSL Certificate on Multiple Servers?
Many SSL certificate brands give unlimited server licenses on the purchase of SSL certificates, while a few do charge an additional fee for the installation of wildcard SSL on all additional servers.
However, a wildcard certificate can be installed on multiple servers in two ways:
- Create CSR, reissue current SSL and install on the required server.
- You need to create new CSR and copy private key on the required server.
In this article, we will show you how to reissue the current wildcard on multiple servers with the help of the cPanel server.
Steps to Install Wildcard SSL on Multiple Servers:
1. Generate CSR (Certificate Signing Request) on cPanel
The first and foremost step for installing Wildcard SSL certificate, be it single server or multiple servers, is to generate CSR. For CSR generation:
- Login in cPanel.
- Go to the Security section and click on SSL/TLS Manager.
- In SSL/TLS, click on CSR. This will allow you to generate, view or delete SSL certificate.
- Fill the below fields with alphanumeric digits.
- Domains: Enter FQDN (fully qualified domain name) for which you have applied the SSL certificate. Wildcard SSL certificate consists of one wildcard character i.e. “*”, an asterisk. Write an “*” in front of the domain (*.example.com). This will help secure all your sub-domains like blog.example.com, payment.example.com, email.example.com, etc.
- If you are planning to secure multi-level subdomains and their following subdomains also, for example, *.blog.example.com, *.mail.example.com then, it requires a Multi-domain wildcard SSL certificate.
- The remaining fields need to be entered in full form and ensure that you don’t write any short forms or abbreviations while filling the below details.
- City: Enter the full name of your city.
- State: Enter the full name of your State.
- Country: Select your country from the drop-down menu.
- Company: If you have applied for OV (Organization) certificate, you need to register the name for your business. For DV (Domain Validation) SSL, write “NA” if your company name is not registered.
- Company Division: Write the department name in the company. Write “NA” if there are no departments in the company.
- Email: Though this is an optional field, you can enter your e-mail address for promotional fliers.
- Passphrase: Enter a password and memorize it for later use as this pass phrase protects the private key.
- Click on Generate
- To generate CSR, click Generate.
Your CSR has been generated and a pair of keys (private and public) has been successfully generated too. The private key is stored on server for decryption purpose and public key in the form of CSR will be sent to Certificate Authority for issuance of SSL certificate. Backup your private key and keep it in a safe place or removable media in case of emergencies.
After receiving all the details and CSR request, the CA will issue the SSL certificate along with the procedure details (and files) required for the completion of certificate installation process.
As discussed above, you need to install this reissued wildcard SSL certificate on required server. Else, you can copy the private key and paste the same on required server as discussed below.
2. Locate and Transfer Private Key on Multiple Servers
After the private key and public keys are generated, the private key must be copied in all multiple servers using cPanel.
- Copy header (-----BEGIN RSA PRIVATE KEY-----) and footer (-----END RSA PRIVATE KEY-----) of the Encoded private key also as marked in the above image.
- Copy the whole private key which is generated at the time of CSR generation as shown in the picture below.
- Select Private Keys (KEY), and click Edit
- Login in cPanel, and go to SSL/TLS
- Paste the private key in the private key field on each additional server, for installation of wildcard SSL certificate as shown in the image below.
- Below the Private Key, it is the Certificate Authority Bundle field. Add your certificate and intermediate certificate on all additional servers.
- The Wildcard SSL certificate installation process on multiple servers is over.
Advantages of Wildcard SSL installation on multiple servers
- Since there are various sub-domains, it’s easy to manage with multiple servers.
- Visitors can directly visit specific sub-domains without visiting the home page.
- Operational efficiency increases, since different departments manage different sub-domains.
- It is cost-effective, since the majority of the CA’s like Comodo, GeoTrust, RapidSSL, Thawte, etc. offer unlimited server licenses; i.e. you pay for one single server and you get unlimited server licenses with a single wildcard SSL at an effective rate.
Best Wildcard SSL certificates
In this competitive world, almost all brands provide Wildcards in both DV and OV validations with fabulous yearly discounts and offers. You can find the Cheap Wildcard SSL providers who provide security to your e-commerce platforms.
Conclusion:
Wildcard SSL security on multiple servers is an easy process and since it is budget-friendly, mostly it is used by medium and large enterprises to secure their business. The most important thing you need to ensure while installing Wildcard SSL on multiple servers is, to safeguard your private key. Since this key is shared on multiple servers, chances of it being compromised increase. So, store your private key in a safe place to keep it safe from prying eyes.
