Help Center/ Cloud Certificate Manager/ FAQs/ SSL Certificate Application and Purchase/ About Required Domain Name Details/ What Are the Differences Between a Single-Domain Name, Multi-Domain Name, and Wildcard-Domain Name in SCM?
Updated on 2024-09-18 GMT+08:00
View PDF
Share

What Are the Differences Between a Single-Domain Name, Multi-Domain Name, and Wildcard-Domain Name in SCM?

In SCM, options for Domain Type can be Single domain, Multiple domains, or Wildcard.

Table 1 Domain Type

Parameter

Description

Single domain

Only one common domain name can be associated.

If you have only one domain name, select Single domain.

Multiple domains
  • Multiple domains can be added to a certificate. Multiple single domains can be set for domains. For example, you can use one multi-domain certificate to protect domains example.com, example.cn, and test.com.
  • You need to configure the domain quantity based on the number of domains you need to protect with a single multi-domain certificate.
  • The www subdomains and the corresponding root domains may be considered as different domains by some CAs. The following uses subdomain www.a.com and root domain name a.com as an example to show the differences. For more details, see How Do I Select an SSL Certificate?
    • For DigiCert and GeoTrust certificates, you can purchase a certificate for either the root domain or the subdomain to protect both domains at the same time. For example, if you plan to purchase a multi-domain certificate issued by DigiCert or GeoTrust and expect to use this certificate to protect www.a.com and a.com, just associate www.a.com or a.com with the certificate.
  • The number of domain names ranges from 2 to 250. A maximum of 250 domain names can be protected with a certificate.

If you have multiple domain names, select Multiple domains. Purchase domain names of the required quantity on the purchase page.

Wildcard domain
  • Only one wildcard domain name can be associated.
  • A wildcard domain name is the one that starts with a wildcard (*), for example, *.huaweicloud.com or *.example.huaweicloud.com.
  • Only the same-level domain matching is supported. For example, a certificate associated with *.huaweicloud.com can protect p1.huaweicloud.com but not p2.p1.huaweicloud.com. If you need to protect p2.p1.huaweicloud.com, purchase a wildcard-domain certificate associated with *.p1.huaweicloud.com. For details about more level matching rules, see Table 2.

If all of your domain names are at the same level, select Wildcard.

Before you purchase a wildcard-domain certificate, pay attention to the domain name matching rules. Table 2 are some examples.

Table 2 Examples of wildcard-domain matching rules

Domain Name

Matched Domain Name

Unmatched Domain Name

*.huaweicloud.com

test.huaweicloud.com, yun.huaweicloud.com, example.huaweicloud.com, and other domain names

abc.test.huaweicloud.com, yun.test.huaweicloud.com, example.test.huaweicloud.com, and other domain names

*.test.huaweicloud.com

abc.test.huaweicloud.com, yun.test.huaweicloud.com, example.test.huaweicloud.com, and other domain names

abc.huaweicloud.com, yun.huaweicloud.com, example.huaweicloud.com, and other domain names
  • For wildcard-domain certificates, only those associated with root domain names support the domain names. A wildcard-domain certificate can protect matched domain names of the same level but not the tertiary domain names. The matching rules are as follows:
    • If the primary domain name for a wildcard-domain certificate is a top-level domain name, the certificate can be used for the primary domain name the wildcard domain matches by default. For example, if you purchase a wildcard-domain certificate for *.huaweicloud.com, you can use the certificate for huaweicloud.com. You do not need to purchase another certificate for huaweicloud.com.
    • If the primary domain name for a wildcard-domain certificate is not a top-level domain name, the certificate cannot be for the domain names with levels unmatched the wildcard domain name. For example, a wildcard-domain certificate for *.p1.huaweicloud.com cannot be used for p1.huaweicloud.com or huaweicloud.com. To protect p1.huaweicloud.com or huaweicloud.com, you need to purchase a new certificate.
  • If the www subdomain is associated with a certificate, the certificate also protects the root domain. For example:

    A certificate purchased for domain www.huaweicloud.com can also protect huaweicloud.com. There is no need to purchase another certificate.

  • Once your digital certificate is issued, the associated domain cannot be changed.

Table 3 is given here for your reference.

Table 3 Domain type selection examples

Example Scenario

Example Domain Name

Domain Type Selection

Quantity Selected

You have only one domain.

huaweicloud.com

Single domain

Single-domain type. The value of Quantity is fixed at 1.

test.huaweicloud.com

Single domain

p1.test.huaweicloud.com

Single domain

You have multiple domains.

Two domains

huaweicloud.com and p1.huawei.com

Multiple domains

2

Three domains

huaweicloud.com, p1.huawei.com, and p1.test.huaweicloud.cn

Multiple domains

3

Four domains

huaweicloud.com, test.huaweicloud.cn, p1.test.huaweicloud.cn, and p1.test.yun.huaweicloud.com

Multiple domains

4

You have multiple domains at the same level.

test.huaweicloud.com, yun.huaweicloud.com, example.huaweicloud.com, and other domain names are the same level and are part of *.huaweicloud.com.

Wildcard domain

Wildcard domain type. The value of Quantity is fixed at 1.