Do I need a dedicated IP address per sub domain for SSL?

ssl ssl-certificate

I currently have a dedicated server with a domain name eg. domain.com which has its own dedicated IP address. I need to secure only one sub domain eg. secure.domain.com

Does this subdomain need its own dedicated IP address to get an SSL certificate? Also, am I correct in thinking that I only need a standard certificate not a wildcard?


If you only have one SSL subdomain, then you only need one IP address and you don't need a wildcard. You can run SSL for secure.domain.com on the same IP address as non-SSL for domain.com.

If you have more than one SSL domain, there are four ways to handle it:

  1. Multiple IP addresses
  2. Wildcard SSL certificate
  3. Server Name Indication
  4. Subject Alternative Name

They all have their own advantages and drawbacks, and you'd have to research them all to work out what's best for your application.


The certificate is associated with the name, not the IP address, so no, you don't need a dedicated IP address for your secure site.

If you only plan to have one secure site, a non-wildcard certificate should be sufficient.

Related

How can I rebuilt MySQL replication without dumping the master?
Two trusted domains with same username in both - can we merge?
Ubuntu: disable udev's persistent-net-generator.rules
Installing RDS on Windows Server 2012 without AD
Copy a whole directory structure in Chef
how to add an open_basedir path in nginx vhost
Avoiding log noise from cron jobs - with syslog-ng rather than syslog
Apache load balancer with https real servers and client certificates
Will SQL Server 2012 install + run Windows 2003
How to list all DNS names pointing to an IP?
How to check Ubuntu crash log in last session?
Unity: how to add a shell-script to the dock