I need to add SSL to parts of my app. The app’s structured so that
everything that needs to happen within SSL happens in one set of
controllers and the stuff that doesn’t happens in others. My business
model is to provide the app as a service with each customer getting
their own subdomain where each subdomain will have a similar
characteristic wrt secure vs. non-secure.
As I understand it, I need ‘single’ cert for my app, but will want /
need a ‘wildcard’ cert to handle the subdomains. My question is: can I
start with a single cert for my domain and later ‘upgrade’ that to the
wildcard version? Or will I replace the single with the wildcard? Or
will I have dug myself into a hole by starting with a single? Also, in
the subdomains, will it be possible to serve portions in secure mode and
others in non-secure?