SSL Certificates and ... Providers

Blake Pfankuch blake at
Thu Dec 27 20:37:52 UTC 2012

Thanks everyone for the quick responses.  Our stuff is currently through Verisign because of the "reliability of the name" and the nature of the industry.  Any suggestions for who I should look at to replace them with?  I know I will be saving money, but looking to keep the name reliability as well.  Thawte and GeoTrust have the same "per server" model, and looking to get away from that.


-----Original Message-----
From: Blake Pfankuch [mailto:blake at] 
Sent: Thursday, December 27, 2012 12:48 PM
To: NANOG (nanog at
Subject: SSL Certificates and ... Providers

Ok, so this might be a little off topic but I am trying to validate something a vendor is telling me and hoping some people here have expertise in this area...

I am working with a SSL certificate provider.  I am trying to purchase a quantity of wildcard SSL certificates to cover about 60 FQDN's across 4 domains.  Vendor is telling me that the Wildcard certificates are licensed per physical device it is installed on.  This means instead of using a single wildcard across 20 servers, I would have to buy 20 wildcard certs for 20 servers.

This does not compute in my brain and also in my mind completely defeats the purpose of a wildcard cert as I know it.  Has anyone run into this before?


More information about the NANOG mailing list