Why is is a bad idea to use one SSL cert for many domains?

2 points by jarenhavell ↗ HN
I assume it is against best practice, but aside laziness, can anyone identify some specific reasons why a website host would actually want their ssl (LetsEncrypt) certs to cover hundrds of different customer domains? Seems like a bad idea, if only that it serves as a cold-call list for competators.

1 comment

[ 4.4 ms ] story [ 11.6 ms ] thread
We do because it increases costs and complexity to have a cert per domain. On AWS, you only get 25 certs per load balancer. We'll do a cert per domain if they ask, but we have to pass on the cost.

As for a cold call list, I can already Google and find a list of sites we host. It isn't as easy, but we aren't hiding it.