A wildcard certificate is a public key certificate (an SSL/TLS certificate, for example), issued by a trusted public certificate authority, that can be used to secure all first-level subdomains of a single domain name. Instead of purchasing a distinct certificate for each of your subdomains, you can use a single wildcard certificate to secure all of them.
So, for example, if you had a wildcard certificate for cyberark.com (that is, *.cyberark.com), you could cover:
- www.cyberark.com
- mobile.cyberark.com
- shop.cyberark.com
- cloud.cyberark.com
What are the benefits of wildcard certificates?
The most obvious benefit of using a single wildcard certificate to secure multiple subdomains is that it is easier to manage and more affordable, since there is only one certificate to issue, manage, and renew.
Another benefit is that whether you are using one or multiple TLS/SSL certificates, HTTPS will increase the chances of your website ranking on top of search engine pages. From a business perspective, this is a critical step towards maintaining your brand reputation. Not having an SSL certificate means search engines will show a warning message to the visitors when they enter your website from the search results page. It’s the quickest way to create a bad customer experience and lose customers’ trust in your brand.
What are the security risks of wildcard certificates?
Without proper security, control, and monitoring, wildcard certificates can be misused by cybercriminals to abuse the trust that browsers and users place in them. In that sense, wildcard certificates are less secure and can open the door to phishing attacks. They create significant security risk because the same private key is deployed on multiple systems, so a compromise of any one of those systems puts every subdomain the certificate covers at risk. Here are the most common risks:
- Compromised web server: Using a wildcard certificate on public-facing webservers increases the risk that cybercriminals will use the webserver to host malicious sites for phishing campaigns.
- Stolen private key: Gaining access to a wildcard certificate’s private key provides attackers with the ability to impersonate any domain for the wildcard certificate.
- Fake certificates: Cybercriminals can trick a CA into issuing a wildcard certificate for a fictitious company. Once a hacker has the fictitious company’s wildcard certificates, the attacker can create subdomains and establish phishing sites.
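Two of the points above are easy to get wrong in practice: a wildcard only matches first-level subdomains, and the same private key ends up on every host that serves the certificate. The following added example (not code from the original article or from Venafi/CyberArk) implements the hostname-matching rule browsers apply and a small inventory audit that flags wildcard certificates and keys shared across hosts; the inventory rows, host names and fingerprints are constructed for illustration.

```python
from collections import defaultdict

def wildcard_matches(pattern: str, hostname: str) -> bool:
    """Return True if the certificate name `pattern` covers `hostname`.

    Applies the RFC 6125 rule browsers use: a single '*' as the entire
    left-most label matches exactly one label, so '*.example.com' covers
    'www.example.com' but not 'example.com' or 'a.b.example.com'.
    DNS names are case-insensitive, so comparison is lower-cased.
    """
    pattern, hostname = pattern.lower().rstrip("."), hostname.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == hostname
    labels = pattern.split(".")
    # Reject '*' anywhere but the whole left-most label, and reject bare
    # '*.tld' patterns (real clients also consult the public suffix list).
    if labels[0] != "*" or any("*" in l for l in labels[1:]) or len(labels) < 3:
        return False
    host_labels = hostname.split(".")
    return len(host_labels) == len(labels) and host_labels[1:] == labels[1:]

def audit_inventory(inventory):
    """Flag wildcard certificates and find private keys served by several hosts.

    `inventory` is a list of (host, san_list, key_fingerprint) tuples such as
    a certificate scanner might produce (hypothetical format). Returns:
      wildcard_hosts: hosts whose certificate contains a wildcard name
      shared_keys:    {fingerprint: [hosts]} for keys seen on more than one host
    """
    wildcard_hosts = []
    hosts_by_key = defaultdict(list)
    for host, sans, fingerprint in inventory:
        if any(name.startswith("*.") for name in sans):
            wildcard_hosts.append(host)
        hosts_by_key[fingerprint].append(host)
    shared = {fp: hosts for fp, hosts in hosts_by_key.items() if len(hosts) > 1}
    return {"wildcard_hosts": wildcard_hosts, "shared_keys": shared}

# Constructed sample inventory: the hosts and fingerprints are not real.
SAMPLE_INVENTORY = [
    ("www.example.com", ["*.example.com"], "sha256:aaaa"),
    ("shop.example.com", ["*.example.com"], "sha256:aaaa"),
    ("api.example.com", ["api.example.com"], "sha256:bbbb"),
]
```

Every entry in `shared_keys` is a place where one stolen private key would let an attacker impersonate several hosts at once, which is the exposure the risk list above describes.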
Why are wildcard certificate compromises so serious?
If cybercriminals gain control of your domain and the wildcard certificate's private key, they can stand up an unlimited number of subdomains, all encrypted with your wildcard certificate. Even worse, these subdomains will appear to be valid because they are authenticated by your wildcard certificate. These illegitimate subdomains allow cybercriminals to host malicious websites that they can then use in phishing campaigns.
Visitors to such a phishing site are not likely to realize where they are, because their browser establishes an HTTPS connection using the legitimate wildcard certificate. All most visitors see is the green highlighted part of the URL, which signals a valid site. Few visitors will read the entire URL closely enough to spot the part that would arouse suspicion about its validity.
What do you need to know before using a wildcard certificate?
- Do you understand the security risks? Do you have a plan for how to limit your use of wildcard certificates to a specific purpose? Do you have controls in place to prevent wildcard certificates from being used as a stop-gap for emergency projects? Limiting your use of wildcard certificates will help you better control their security.
- Are you trying to save time? Are you looking at wildcard certificates because you are finding it too difficult to install or too time consuming to get certificates? If so, that may be a symptom that you’re not using the right solution to manage your machine identities. With proper levels of visibility, intelligence and automation, you can avoid wildcard certificates altogether and still end up with a more secure implementation that is just as easy to deploy and much easier to manage.
- Are you trying to be more efficient? Do you have a large number of sites hosted on a small set of external infrastructure? If so, you should have excellent controls in place to make sure the wildcard certificate and its private key are not copied and distributed to other systems.
- Are you only trying to save money? If so, you need to weigh the security risks against the cost savings. You may save money on the initial implementation but spend even more later when an unknown wildcard certificate expires and causes an outage. Plus, it’s likely to take dozens of staff hours to untangle a complex web of wildcard certificates that has been allowed to grow organically.