Using an EV SSL certificate and separate SSL certificates for subdomains

I am looking to use Cloudflare as a precautionary measure against DDoS attacks to my online store.

I currently have a domain that uses an EV SSL certificate (www.example.com) and a few subdomains that use regular SSL certificates (m.example.com and cdn.example.com).

Does the “Business” plan allow this setup? On the plan comparison page, I see it supports 1 “Bring Your Own SSL Certificate” but what about the subdomain certificates? Would they fall under “Custom SSL”? If so, is there a limit to the number of certificates I can upload there?

Thanks!

The Business plan can only upload a single Custom Certificate.

In your scenario, you would upload your EV certificate to cover www.example.com and then m.example.com / cdn.example.com would be covered by Cloudflare’s free Universal SSL, which is issued for *.example.com and example.com by default.

2 Likes

Thank you, @KianNH!

Everything worked out as you said :slight_smile:

Can you explain why you need an EV cert? Is there a business reason, or to comply with the (arbitrary) requirements of .bank, or something else entirely?

I always ask this, nobody ever has a good answer.

We run an online store so the only reason we’ve ever had is to make the customer feel good about it. Is it worth the price and headache of verification? Absolutely not.

But, going that extra step of letting the customer know that we care about security is reason enough to continue with it. Yes, a green padlock does not actually mean more secure than a yellow one, but it’s more about what it represents.

All that said, browsers are removing the green/yellow coloring so this might be the last year that I go the EV route. At most, next year will be the last.

If any of your customers see an EV user interface you can be sure they haven’t updated their browser in a few years!

1 Like

Correct!

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.