More and more commerce and important business transactions are being conducted over the internet today. As this migration from shopping at traditional "brick and mortar" stores into storefronts located in cyberspace, just a mouse click away, continues, security for transactions is becoming more and more of a concern. A skilled hacker can intercept information from these types of transactions, resulting in such calamities as identity theft or bank accounts being cleaned out. One of the tools that is commonly employed in internet security is the use of the Secure Sockets Layer, or SSL. The SSL protocol was first created by Netscape and was released in 1995. The SSL essentially creates a layer of security between the HyperText Transfer Protocol (HTTP) and the Transport Control Protocol (TCP) layers. The SSL uses a public or private key data encryption system and often involves the use of a digital certificate for authentication purposes. SSL, at this point, has largely morphed into the newer Transport Layer Security (TLS), but the terms are at least somewhat interchangeable.
A digital certificate, in essence, is an electronic identification card. The certificates are typically issued by an organization called a certification authority and will contain information such as a serial number, the name of the user the certificate is assigned to, expiration dates, and the user's data encryption key. Use of a digital certificate in the SSL allows a quick and easy method of user and transaction authentication by computer networks. There are two types of SSL certificates, however. The traditional SSL certificate allows the user to authenticate access to a single resource, such as www.article.com. A wildcard SSL certificate, by comparison, allows the user to authenticate access to multiple resource subdomains on a single digital certificate such as www.article.com, www.admin.article.com, and www.reference.article.com. When using such a digital certificate, you would specify the wildcard by placing an asterisk before the primary domain name in question, such as *.article.com. Doing this will allow any subdomain of that website that you choose to create to be authenticated by a single digital certificate. This allows a considerably less complicated, and possibly less expensive, authentication setup than attempting to keep up with the administration needs of numerous digital certificates.
So, if you are a website administrator of a site that has several subdomains and are seeking an appropriate
transaction security solution, a wildcard SSL certificate is very likely just what the doctor ordered.