From August 19th 2020, SECTIGO issues SSL certificates with a maximum lifetime of 398 days (13 months) as specified by CA/Browser consortium. SSL certificates with a longer lifetime must be re-issued annually (free of charge). You'll receive reminders via e-mail. SSL certificates issued before August 19th 2020 remain valid until their planned expiry date. Code Signing & S/MIME certificates are not affected and remain valid until their planned expiry date.

Multi-Domain (SAN) certificates: will "www.domain.com" and "domain.com" count as two SAN entries?

When using multi-domain SSL certificates www and non-www versions of the domain name are considered to be different domain names, and will require separate SAN (addon) slots in the certificate.

However, when using GeoTrust/Symantec/Thawte certificates you can get a free SAN of domain.com if the Common Name of the SSL is www.domain.com, so the non-www version of the common name will be secured by the SSL for free.

SAN Example for COMODO PositiveSSL Multi-Domain:

CSR Slot #1: www.domain1.com

SAN Slot #2: domain1.com

SAN Slot #3: abc.domain1.com

SAN Slot #4: xyz.domain1.com

SAN Slot #5: www.domain2.com

SAN Slot #6: domain2.com


SAN Example for GEOTRUST True BusinessID:

CSR Slot #1: www.domain1.com           

(as this is the main domain and www.domain1.com was specifiec inside CSR, domain1.com will automatically be included for GEOTRUST True BusinessID!)

SAN Slot #2: abc.domain1.com

SAN Slot #3: xyz.domain1.com

SAN Slot #4: www.domain2.com

SAN Slot #5: domain2.com


Was this answer helpful?

 Print this Article

Also Read

Tomcat CSR generation and CRT import (Java Keystore .JKS), Matrify, GlassFish, Wildfly ...

keytool -genkey -alias server -keyalg RSA -keysize 2048 -keystore www.domain.com.jks keytool...

GEOTRUST RapidSSL: Installing SSL certificates including intermediate (ca_bundle) certificate on nginx

Note: When placing your CSR inside the MY INTERSSL account, please choose server type...

How to create a certificate signing request (CSR) in Microsoft Exchange 2013 ?

Our partner Sectigo (formerly known as COMODO) has a tutorial that's including screenshots. You...

Code Sigining: CSR Generation (how to generate a CSR for Code Signing locally on your computer)

In the past, Code Signing requests automatically created a CSR/KEY pair inside your browser....

Tomcat GlassFish SSL CSR creation & installation example

cd /opt/glassfish4/glassfish/domains/domain1/config keytool -list -v -alias s1as -keystore...