Shared SSL certificate as subdomain

Question

My webhosting company offer free shared ssl certificates that I would like to take advantage off but here's the issue:

the SSL url looks like this https://web125.secure-secure.co.uk/myurl.com

I'm worried that when my customers make a purchase and they see that the URL isnt myurl.com they might be cautious or hesitant to continue the transaction.

so is it possible to map the ssl domain to https://secure.myurl.com

if not, are there any alternatives (apart from obviously buying my own certificate)

Answer 1

No it is not possible. The only alternative is to pay for a certificate unless you don't mind your users getting warnings in their browser.

The reason it is free is because your hosting company have paid for a wildcard certificate from a Certification Authority (CA) i.e. *.secure-secure.co.uk in which they can have any sub-domain. e.g. mycompany.secure-secure.co.uk.

If you want a certificate for your own domain e.g. mycompany.co.uk or you want a wildcard certificate to do stuff like services.mycompany.co.uk or extranet.mycompany.co.uk then you need to buy one, a wildcard certificate will be more expensive.

A certificate can only be used to validate a particular URL so you are basically paying a trusted source e.g. a Certification Authority such as VeriSign or DigiCert to vouch for your identity so users can know that when they hit https://www.mycompany.co.uk that traffic is encrypted and only the owner of mycompany.co.uk can decrypt it.

You're unlikely to a find a free source for valid SSL Certificates because the Certification Authorities will have had to pay to have their own identity verified and probably had to pay to have their own certificates built into operating systems to create a chain of trust. When you don't have a chain of trust or when a certificate URL does't match the URL you are visiting, this is when you get the big scary warning in your browser.