Thawte Wildcard SSL Certificates
Secure Multiple Subdomains On A Single Server
| Thawte Products | ||
|---|---|---|
| Thawte SSL Wildcard Certificates | ||
| SSL Wildcard Certificates 1 Year | List Price: $799.00 Our Price: $719.00 |
|
| SSL Wildcard Certificates 2 Years | List Price: $1,349.00 Our Price: $1,219.00 |
|
Overview:
Thawte® Wildcard SSL Certificates secure multiple subdomains with a single SSL Certificate, reducing management time and cost. Using the wildcard notation (an asterisk and period before your domain name) allows you to extend security to different subdomains based on your top-level domain name. Wildcard SSL Certificates include full organization validation, the Thawte® Trusted Site Seal, free reissues and a 30-day money back guarantee.
How SSL Works
SSL is a reasonably straightforward protocol, despite the advanced math that makes it work.
Public and Private Keys
SSL uses public and private encryption keys. When a digital certificate is issued for a web server, that certificate contains two keys: one that is privately held by the web server ("private key"), and another that is made publicly available to anyone who requests it ("public key"). These two keys are asymmetric, which means:
- Data encrypted by the private key can only be decrypted by the public key
- Data encrypted by the public key can only be decrypted by the private key
For example, to ensure the privacy of communications, a web browser retrieves the server's public key. The browser then uses that key to encrypt the information to be transmitted, since only the web server holds the private key necessary to decrypt that information. Note that in practice the encryption process may also rely on randomly-generated, short-term session keys that are exchanged between the browser and server. This is because, in most cases, the browser does not possess its own digital certificate and key pair.
How is an SSL Session Created?
An SSL session begins when a web browser sends a request to a web server using the https:// protocol
The web server responds with its digital ID, which includes its public encryption key. The web browser verifies the digital ID, which may include an online check with the CA as well as a check of the certificate itself for validity dates and other details. Once verified, the browser generates a session key, encrypts the session key using the server's public key, and sends the package back to the server.
The server decrypts the session key by using the server's private encryption key, which only the server possesses. This ensures that only the browser and the server possess the session key, and they can use that shared key to encrypt further communications between them. Servers usually discard session keys after several minutes of inactivity.
Features:
- Save time and money with fewer SSL certificates to manage and purchase.
- Create a secure, private connection between a web browser and web server, including gateways, web forms, mail and FTP servers, and VPNs with up to 256-bit SSL encryption and a 125k USD warranty.
- Secure your competitive advantage with SSL from Thawte, a globally recognized certificate authority with root certificates included in over 99% of browsers.
Choosing a Certificate:
The right SSL certificate depends on the level of assurance your customers need and the minimum security level your organization requires.
Assurance and Authentication
Authentication means that a trusted third party (such as Thawte) has verified the identification information contained in your SSL certificate, assuring customers that your site is actually your site.
You are considering: Wildcard SSL Certificates with full organization validation. However, your domain name listed in the certificate includes an asterisk and may not fully assure users.
For more assurance, SSL Web Server Certificates with full organization validation include your domain name and validated organization name in certificate details and verification pages.
For the most assurance, SSL Web Server Certificates with EV turn the address bar green in high-security web browsers, showing that your organization has met the industry's highest standard of authentication. Extended Validation (EV) includes your domain name, organization, and location in certificate details and verification pages.
1Minimum Assurance. 2More Assurance. 3Most Assurance.
Security and Encryption
Encryption is the "secret code" used to keep online communications private when a web browser and web server talk to each other.
You are considering: Wildcard SSL Certificates with standard encryption
You are considering: Wildcard SSL Certificates with 128-bit or 256-bit encryption in the latest operating systems and web browsers. However, certain older browsers and operating systems only connect at 40-bit or 56-bit.
For strong encryption in the most browsers, SGC SuperCerts with server-gated cryptography (SGC) enable older browsers and operating systems to step up to 128-bit or 256-bit encryption.
1Standard encryption. 2More encryption. 3Strong encryption.
If you need both Extended Validation and SGC, consider a VeriSign Secure Site Pro with EV SSL Certificate.
Product Comparision:
When online customers feel secure, they are more likely to complete a purchase or personalize their profile and return to your web site. What inspires confidence online? An SSL certificate from a globally recognized certificate authority such as Thawte. Expert multilingual support, a robust authentication process, and easy online management make Thawte® SSL Certificates the best value for securing your site.
| SSL Certificates Comparision: | |||||
|---|---|---|---|---|---|
| SSL123 Certificates | SSL Web Server Certificates | SSL Web Server Certificates with EV | SGC SuperCerts | Wildcard SSL Certificates | |
| Green Address Bar |  |
||||
| Authentication Level | Domain validation  |
Full organization validation |
Extended Validation (EV) |
Full organization validation |
Full organization validation |
| SSL encryption | 128-bit to 256-bit in most browsers | 128-bit to 256-bit in most browsers | 128-bit to 256-bit in most browsers | 128-bit to 256-bit in 99.9% of browsers | 128-bit to 256-bit in most browsers |
| Estimated issuance time | 1 Business Day, or Less | 1-2 Business Days | 1-10 Business Days | 1-2 Business Days | 1-2 Business Days |
| Thawte® Site Seal |  |
|
|
|
|
| Recommended use | Secure intranets and internal servers | Secure log-ins for public and employee sites | Visually establish trust and security for all users | Enable strong encryption for the most site users | Secure multiple subdomains |
| Domains secured | Single | Single | Single | Single | Unlimited subdomains |
| Certificate Center Account |  |
|
|
|
|
| Free reissue | |
|
|
|
|
| Renewal reminders | |
|
|
|
|
| Over 99% browser compatibility | |
|
|
|
|
| EV Upgrader™ | |
||||
| Root hierarchy | Thawte | Thawte | Thawte EV | Thawte | Thawte |
| OCSP and CRL Support | |
|
|
|
|
| Internationalized Domain Names | |
|
|
|
|
| Money back guarantee | |
|
|
|
|
Documentation:
Download the Thawte Understanding SSL Certificates Guide (PDF).
| Thawte Products | ||
|---|---|---|
| Thawte SSL Wildcard Certificates | ||
| SSL Wildcard Certificates 1 Year | List Price: $799.00 Our Price: $719.00 |
|
| SSL Wildcard Certificates 2 Years | List Price: $1,349.00 Our Price: $1,219.00 |
|