
Is there a security reason not to use a wildcard cert other than manageability and exploitation if used on multiple servers?


http://serverfault.com – I have a security advisor that is telling me that we can't use wildcard SSL certs for security reasons. To be clear, I much prefer using single certs or multi-domain certs (SAN). However, we have a need for the server (Plesk) to serve 100s of subdomains. Based on my research, the main reason people cite for not using wildcard is the following, which appears to come from Verisign: Security: If one server or sub-domain is compromised, all sub-domains may be compromised. Management: If the wildcard certificate needs to be revoked, all sub-domains will need a new certificate. Compatibility: Wil (HowTos)