SSL certificate for Domains not in use

redirect ssl domains

I am not sure if my title makes sense, but here is the situation. My site is hosted on GoDaddy, and the monthly fee includes an SSL certificate for the domain. I have also registered domains that someone might search for, although there is no content associated with those domains. I just got a bill from GoDaddy for almost $600 for SSL certificates -- these were described as Managed SSL SAN-5 - Renewal - 2 year(s)

My question is, do I need certificates for the other domains? It sounds like their certificates are VERY expensive -- is there another way to get certificates for less money? Am I taking a risk if I don't have the certificates?

Any ideas are most welcome. Thank you


If you do not actually use these other domains at all you do not need any certificates for those.
If you want to serve something, which could be a redirect or whatever (I get the feeling this could be the intention behind your "domains that someone might search for" phrasing), you may still want those certificates so that these other domain names also work with https.

If I understand it correctly from the question, the problem in terms of price here seems to be related to buying a rather expensive managed option.
My impression is that managed here means that the web hosting provider maintains the certificate configuration and renewal processes for you, provided that you use the certificate with their web hosting solutions.

Now, I don't know what is practical with some specific web hosting solution by some specific service provider, but I can make some general comments on cheaper certificates:

  • Free certificates, such as Letsencrypt or similar free ACME-based CAs.
    The whole process issuance/renewal process is API-based and very suitable for automation, which is great. However, to be practical said automation is not an optional benefit but rather a near-requirement, considering the certificate lifetime is 90 days.
    If you want to use some specific hosting provider and they do not provide this as an option for their customers, you may not be able to practically use it with their hosting services.
  • Cheap certificates, typically actually cheap from major resellers rather than the CAs themselves. In my experience these are available starting from around $10 / 1 year for a basic domain-validated certificate. I would fully expect that your hosting provider has a cheaper non-managed option, but whether that takes it down all the way to "cheap" is a different question.
    The difference here compared to your current managed solution is that you would need to configure the use of your newly purchased certificate with the web hosting solution (check what that process is), keep track of renewals and probably repeat that setup process when you renew the certificates.

If you can use some web hosting solution that either includes certificates or supports ACME/Letsencrypt, that could be a cheaper way of having an automated solution. The recurring manual steps of renewal, which if forgotten or done incorrectly lead to sites going down, really are better avoided whenever possible.

Related

Why does my server have a dedicated IPMI port?
Check integrity of .tar.gz backup
Moving nextcloud into an apache VirtualHost block for use as a subdomain?
How can I isolate a single TCP connection on Wireshark?
When I type in a nonexistent command my machine stalls for about 5 seconds before returning to the shell prompt
Remotely diagnosing server 2012 boot problems with no KVM
Securely delete individual files from virtual drive on SAN
How to send email in background in Android? [duplicate]
How to eliminate flicker in Windows.Forms custom control when scrolling?
Calculate Euclidean distance matrix using a big.matrix object
Adding namespace to an already created XML document
WPF Button Mouseover Image