Certum Commercial SSL Multi-Domain is a Domain Validation (DV) digital certificate designed for advanced data transmission security, combining support for both traditional 2048-bit RSA keys and modern ECC (Elliptic Curve Cryptography) keys based on elliptic curves (e.g. secp256r1), which ensures optimized performance and security according to infrastructure requirements. The certificate uses hybrid AES-256-GCM encryption in TLS 1.3 and supports TLS 1.2/1.3 protocols, guaranteeing low latency and resistance against MITM (Man-in-the-Middle) attacks.

Thanks to SAN (Subject Alternative Names) technology, up to 300 unique domains and subdomains (FQDN) can be secured under one certificate, including internationalized names (IDN), domains from different TLDs, and IPv4/IPv6 addresses. The implementation of ECC enables the generation of shorter cryptographic keys (e.g. 256-bit ECC keys offer encryption strength equivalent to 3072-bit RSA keys), reducing processor load and accelerating the TLS handshake – a crucial advantage for applications requiring high throughput (e.g. CDN, IoT, cloud environments). The domain validation process is performed automatically via DNS, email, or file verification without the need to provide organizational documents. The certificate ensures compatibility with 99.9% of browsers and devices, including support for older systems through fallback to RSA and optimization for newer environments that support ECC. An entry in the Certificate Transparency Logs, unlimited server licensing (including support for clusters and load balancers), and the possibility of free certificate re-issuance (re-issue) when modifying the list of domains provide flexibility in infrastructure management.

The solution meets PCI DSS, NIST, and BSI standards, and also offers a financial guarantee of up to €200,000. Certificate issuance is reduced to just a few minutes after successful verification, making it ideal for dynamic DevOps environments, microservices, and organizations managing distributed network resources where combining the highest security, performance, and scalability with both RSA and ECC is a priority.

Want to secure only one domain? Check out the standard version Certum Commercial SSL for a single domain.

• Support for up to 300 SANs: In one certificate, thanks to Multi-Domain SAN (Subject Alternative Names) technology, both domains and subdomains are supported.
• 256-bit Encryption: With the option to choose between RSA 2048-bit or ECC (Elliptic Curve Cryptography) algorithms – offering flexibility in selecting the cryptographic technology for an optimal balance between performance and security.
• Support for ECC (Elliptic Curves): Shorter keys (e.g., 256-bit ECC vs. 3072-bit RSA) provide higher performance and lower system load, ideal for mobile devices and IoT.
• Fast Domain Validation (DV): An automated issuance process without the need to provide company documents.
• Compatibility with 99.9% of Browsers and Devices: Achieved through certification by global trust roots (Certum Trusted Root CA), including support for ECC in modern environments.
• Financial Guarantee up to €200,000: To cover any damages resulting from certification errors.
• Management Flexibility: The ability to add, remove, and modify domains during the validity period of the certificate.
• Automatic Renewal: Certificate reissuance supported by the Certum API for integration with IT systems.
• Unlimited Server Licensing: The certificate can be deployed on any number of physical, virtual, or cloud servers.
• Support for OCSP Stapling Technology: Minimizes delays in verifying the certificate’s status (for both RSA and ECC).
• Compliance with GDPR and eIDAS Requirements: Ensuring secure data processing in accordance with EU legal regulations.
• Dedicated Technical Support: Provided in Polish by the Certum expert team.
• Cost Optimization: Reduces expenses associated with managing multiple certificates by consolidating domains.
• Future-proof Security: ECC is recommended by government agencies (e.g., NIST) as the standard in modern cryptography.

Certum Commercial SSL Multi-Domain Security Seal is a static graphical element that can be placed on a website to signal active SSL protection. Although it is not interactive, its presence in a visible location builds user trust by indicating that the site is using a verified SSL certificate with data encryption. The seal contains information about the issuer (Certum) and the product name, and its design is professionally prepared and adapted to modern visual standards. To verify the certificate details, the user must manually check the padlock icon in the browser’s address bar.

Validation procedure for the Certum Commercial SSL Multi-Domain certificate is based on an automated domain ownership verification process (Domain Validation). The issuer (Certum) requires confirmation of control over each domain added to the certificate through one of the following methods: email verification (to the domain’s administrative addresses, e.g. admin@, administrator@), adding a DNS TXT record in the domain’s DNS zone, or placing a verification file in the root directory of the web server. The process is fully automated – after placing an order, the user receives instructions for the chosen methods, and once they are followed, the certificate is generated within a few minutes. In the case of adding new domains to an existing certificate (SAN), re-verification of these domains is required, though without the need to repeat the entire procedure from the beginning. Certum does not require the submission of company documents or additional authorization, which minimizes turnaround time. All steps are monitored through a management panel, and notifications regarding the verification status are sent via email. Full validation procedure has been described in our knowledgebase: Validation and verification for Certum Commercial SSL certificate.

Certum Commercial SSL Multi-Domain (DV) uses SAN (Subject Alternative Names) technology, enabling the securing of up to 300 different domains and subdomains under one certificate. This feature allows you to add both primary domains (e.g., example.com) and subdomains (e.g., shop.example.com) to the SAN list. All domains covered by the certificate benefit from the same level of encryption (256-bit for RSA/ECC) and are automatically recognized by browsers and devices. Thanks to management flexibility, the user can modify the SAN list (add, remove, or edit domains) during the certificate’s validity period without the need for reissuance. SAN technology also eliminates the need to purchase separate certificates for each domain, thereby optimizing costs and simplifying administration. The certificate is compatible with both modern and legacy systems, providing consistent protection for various IT environments (servers, cloud, IoT devices).

Certum Commercial SSL Multi-Domain provides full compatibility with 99.9% of web browsers, operating systems, and mobile devices, including the latest versions of Chrome, Firefox, Safari, and Edge, as well as older environments. Thanks to certification by the global trust roots Certum Trusted Root CA, the certificate is automatically recognized by most devices (computers, smartphones, tablets) and browsers without the need to install additional files. Support for both RSA 2048-bit and ECC (elliptic curves) ensures compatibility with modern mobile devices, IoT, and systems that require efficient cryptographic solutions. The certificate also works on older browsers (e.g., Internet Explorer from version 7) and systems, maintaining security through encryption that complies with current industry standards. Please check the full list of supported devices and browsers.

Certum Technical Support offers assistance with the installation, configuration, and integration of the certificate on your server. The team of experts is available via phone, email, or a ticket system, enabling quick resolution of issues. With this service, you receive help with key generation, settings verification, and updates, ensuring the stable and secure operation of the certificate.