Wildcard Certificates: Convenience or Risky Business?


Commercial certificates can be costly to acquire and time-consuming to manage. Not surprisingly, they are seen by some as a barrier for HTTPS adoption. So, when wildcard certificates first entered the security scene, many IT organizations cheered, hailing them as a money-saving option that would allow them to secure multiple subdomains with a single certificate. Just one certificate to issue, share across multiple devices, and renew when the time comes – and all your services are secure! What’s not to like?

However, despite the promise of convenience, wildcard certificates are not as secure as regular commercial certificates, and organizations that rely on them extensively are putting their device and network safety at risk.

How do they work?

Commercial certificates are usually acquired for specific host names (e.g. https://mail.mydomain.com). The certificate works only as long as the name in the certificate and the name of the application or service match; any deviation in the CN entry or SAN (Subject Alternative Name) results in a certificate error. Now imagine that a new host, https://mail1.mydomain.com, needs to be secured as well. The only viable option is to get a new certificate or a multi-domain SAN certificate – and the latter only works if IT has advance notice of all the domains required.

A wildcard certificate, in contrast, works with any first-level subdomain of a primary domain name, so it is automatically valid for https://mail.mydomain.com or https://mail1.mydomain.com, as well as https://intranet.mydomain.com or, say, https://invoices.mydomain.com.

I still don’t see the security risk here…

Allow us to explain. This is exactly where security teams begin to run into problems. The more subdomains are secured by the same certificate, the higher the likelihood that if (or rather, when!) that one wildcard certificate is compromised, every other service that uses it for secure communication will be broken as well.
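As an added example (not code from the original post or from AppViewX), the following Python implements the name-matching rules described above as browsers apply them under RFC 6125, and then uses a constructed service inventory to show the blast radius of one shared wildcard certificate; the hostnames, certificate labels and inventory are assumptions, and the deeper "api.internal" host illustrates that a wildcard covers exactly one label.

```python
# Added example (not from the original post or AppViewX): RFC 6125-style
# hostname matching plus a blast-radius check over a constructed inventory.

def hostname_matches(pattern: str, hostname: str) -> bool:
    """True if a certificate name (CN or dNSName SAN) covers hostname."""
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    p_labels, h_labels = pattern.split("."), hostname.split(".")
    if "*" not in pattern:
        return p_labels == h_labels  # plain name: labels must match exactly
    # Wildcard rules as browsers enforce them: a single '*', only as the
    # entire left-most label, with at least two fixed labels after it
    # (so '*.com' and 'm*.mydomain.com' are rejected).
    if pattern.count("*") != 1 or p_labels[0] != "*" or len(p_labels) < 3:
        return False
    # '*' consumes exactly one label: '*.mydomain.com' covers
    # 'mail.mydomain.com' but not 'mydomain.com' or 'a.b.mydomain.com'.
    return len(h_labels) == len(p_labels) and p_labels[1:] == h_labels[1:]

def covered_by(cert_names: list[str], hostname: str) -> bool:
    """True if any name on the certificate covers the hostname."""
    return any(hostname_matches(n, hostname) for n in cert_names)

# Constructed inventory (assumed values): certificate label -> names on it,
# and service hostname -> label of the certificate it presents.
CERTS = {
    "wildcard-2024": ["*.mydomain.com"],
    "www-2024": ["www.mydomain.com", "mydomain.com"],
}
SERVICES = {
    "mail.mydomain.com": "wildcard-2024",
    "mail1.mydomain.com": "wildcard-2024",
    "intranet.mydomain.com": "wildcard-2024",
    "invoices.mydomain.com": "wildcard-2024",
    "api.internal.mydomain.com": "wildcard-2024",  # two levels deep: not covered
    "www.mydomain.com": "www-2024",
}

def blast_radius(cert_label: str) -> list[str]:
    """Services whose traffic is exposed if this certificate's key leaks."""
    return sorted(h for h, c in SERVICES.items() if c == cert_label)

def misconfigured() -> list[str]:
    """Services presenting a certificate whose names do not cover them."""
    return sorted(h for h, c in SERVICES.items() if not covered_by(CERTS[c], h))
```

Running blast_radius("wildcard-2024") lists every service that shares the one key, and misconfigured() flags the host that will show a certificate error despite presenting the wildcard.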


The idea that promised you simplicity and ease has the potential to violate many of the key principles of information security, including confidentiality, integrity, authenticity and non-repudiation.

In the age of automation, there’s no reason to skimp on security by reusing certificates. A certificate lifecycle automation (CLA) solution, like CERT+ from AppViewX, can help you acquire and manage any number of digital certificates, protecting your enterprise and reducing the threat to the business.

Certificate Lifecycle Automation tools offer the best of both worlds.

Wildcard certificates are billed as a cheaper option, but any cost savings you realize from managing multiple subdomains with a single certificate can be wiped out in seconds if your organization suffers a certificate-related outage or a breach. An automated CLA solution saves you money by reducing the risk of business interruptions, and also by allowing application, network and security teams to use self-service to manage certificates using automated workflows. With AppViewX, discovering, creating, renewing, provisioning and revoking certificates is easy – and it can support thousands of users and all of your devices. Now, that’s real convenience – without the compromise.

Want to learn how to reduce costs, enforce compliance and eliminate certificate management errors with AppViewX? Get a personalized demo or start a free trial here.

About the Author

Muralidharan Palanisamy

Chief Solutions Officer

As Chief Solutions Officer, Murali is responsible for the overall product vision, development, and technical direction of AppViewX.
