It's a wildcard for $140-ish, which is the cheapest I could find. The wildcard means it works for blah.domain.com, otherblah.domain.com, etc, etc.
Basically there are those "extended verification" certs that give you the green crap in the address bar. Which I don't think users actually care about.
And yeah, the whole SSL business is an insane racket.
I don't know about racket, but you can read my other comments for, I hope, some more insight.
As for the green-bar - I'll admit it's taking some time to get hold, but testing (not just from my CA, but all of them) has shown consumer awareness is increasing and people are inclined to 'trust' the green a bit more.
Mind you, the same users will stick their bank login details on a phishing page with no ssl hosted on some .cn....so what can you do, eh? :)
Sorry, despite my many posts in this thread already I can't resist to vent about the green-bar stunt, too.
So, one day the CAs discovered that their regular certification procedure is broken. That the "normal" certs are effectively unfit for their stated purpose.
Am I the only one who would have expected them to go back, properly re-validate their certs and fix the problem that way? Or at least perform this procedure at expiry time?
I mean, I understand that inventing new levels of "secure" (with fancy colors even) is a much more effective way to sell more certs and crank up the prices. But heck, can you think of a comparable stunt in any other industry?
Just imagine a watch-maker who has a problem with water-proofing to invent an "even more water-proof" label instead of fixing their mishap. It would rain tears and lawyers...
You're right - that should have happened.
It didn't of course, because the company(-ies) that started the DV issuance didn't want to go back and fix it.
As well as that, if the browser/OS people did 'downgrade' the DV certs, millions of customers by that point would be affected. Assuming they cared about the customers and not the heavy pressure to do nothing from....larger CAs.... ;)
https://www.servertastic.com/rapidssl/
It's a wildcard for $140-ish, which is the cheapest I could find. The wildcard means it works for blah.domain.com, otherblah.domain.com, etc, etc.
Basically there are those "extended verification" certs that give you the green crap in the address bar. Which I don't think users actually care about.
And yeah, the whole SSL business is an insane racket.