Menu
On a SSL certificate provider I get this message:
NOTE: The UCC Certificate is ideal for Communication Server, Exchange Server and other Enterprise Applications, as well as for single companies or entities with many related URLs. This Certificate is not recommended for use with sites completely separate from each other (e.g. a network provider who builds Web sites for competitors).
I just don't get why.
Can anyone share some light?
Thank you in advance.
910
A Unified Communication Certificate (or UCC) is a digital security certificate which allows multiple hostnames to be protected by a single certificate. UC certificates are also known as Subject Alternate Name (or SAN) certificates, multi-domain certificates or Exchange certificates.
A Unified Communications Certificate (UCC) is an SSL certificate that protects multiple domains and subdomains. UCC certificates can be used on GoDaddy hosting products to protect multiple websites, but the websites must all be on the same hosting account.
Standard UCC SSL certificates are used to host multiple domains on a single certificate. They are also referred to as multi-domain SAN or Exchange certificates. UCCs are ideal for server environments such as Microsoft Exchange but can be used with any other server environment as well.
Go to your GoDaddy product page. Select SSL Certificates and then select Manage for the certificate you want to change. Select Change Subject Alternative Names. For Add a domain, enter the SAN you want to add and then select Add.
Since a certificate valid for both companyA.com and companyB.com only has one matching private key, whoever has control of that private key can serve either host names in a way that is valid, as far as certificate validation is concerned.
This means that the server admins of companyA.com also have the responsibility for the safe-keeping of the key+cert for companyB.com (since it's the same certificate).
This can work fine if the two companies or sites are part of the same entity, but this can get quite complicated from an organisational and legal point of view if the sites are not meant to fall within the scope of the same administrative domain. This is generally not good for the accountability and administrative aspects of security.
163
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
