What is the Common Name?
The Common Name (also CN) identifies the fully qualified domain name(s) associated with the certificate. It is typically composed by an host and a domain name it looks like (e.g.
Depending on the certificate type, it can be one or more hostnames belonging to the same domain (e.g.
http://www.example.com), a wildcard name (e.g.
*.example.com) or a list of domains. In all cases, it don’t include any protocol (e.g. http:// or https://), port number or pathname.
The certificate is valid only if the request hostname matches at least one of the certificate common names.
Wildcard or Single-Hostname?
Read the article Choosing the SSL Certificate Common Name if you need help to determine the most appropriate common name for your certificate.
Most web browsers displays a warning message when connecting to an address that does not match the common name in the certificate.
Example of host name mismatch error on Google Chrome
Example of host name mismatch error on Google Safari
Choosing the SSL Certificate Common Name
An SSL certificate is required to be associated with one or more hostnames, called common name.
The common name determines which hostnames are covered by the certificate and must be selected at the time of the purchase. DNSimple provides both single name and wildcard certificates.
Single name certificate
The single name certificate is valid only for the hostname specified with the certificate.
For example, if you purchase a certificate for the hostname
secure.example.com, you can’t use it for
example.com. Any attempt to serve these hostnames with the certificate will result in a security warning in most browsers.
The only exception is the root domain, in case you purchase a certificate for the www-hostname, as described below.
The wildcard certificate is valid only at a single level sub-domain. You use the wildcard “
*” symbol to indicate the sub-domain.
For example, if you purchase a wildcard certificate for
*.example.com, you can use it in any
example.comfirst-level subdomain such as
private.example.com. However, you can’t use it for
Securing the Root domain
Both single name and wildcard certificates can be used on the root domain (e.g.
example.com) at the following conditions:
- For the single name certificate you must purchase a certificate for the www-hostname (e.g.
http://www.example.com). If you purchase a certificate for the root domain you will not be able to use it for the www hostname.
- For the wildcard certificate you must purchase a certificate for the third level domain pattern (e.g.