ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Using a single SSL certificate for multiple network interfaces in Encryption Management Server


Article ID: 222513


Updated On:


Encryption Management Server Gateway Email Encryption


If you have multiple network interfaces in Encryption Management Server you will almost certainly need an SSL/TLS certificate for each interface.

However, this does not necessarily mean that you need to create multiple certificates.


Symantec Encryption Management Server 10.5 and above.


Rather than using unique certificates for each network interface you can use one certificate that contains multiple SAN (Subject Alternative Name) values.

For example, suppose that Encryption Management Server is configured like this:

  • Interface 1, IP, DNS name
  • Interface 2, IP, DNS name
  • Interface 3, IP, DNS name

One option is to create three separate SSL certificates with these CN (Common Name) values and assign each certificate to the relevant network interface:


To avoid using multiple certificates you could create a single certificate with:

  • A CN value of
  • A SAN value of, and

Then assign this single certificate to Interface 1, Interface 2 and Interface 3.