Ordering a Wildcard SSL Certificate
Table of Contents
- Before You Start
- Ordering a Let’s Encrypt Wildcard Certificate
- Ordering a Sectigo Wildcard Certificate
- Next Steps
- Have more questions?
Wildcard certificates allow you to secure an unlimited number of names belonging to a single subdomain level. They contain an * as the hostname.
APEX (root) Domain
_____|____
/ \
*.dnsimple.com
|
wildcard
Before You Start
- Determine whether you need a Let’s Encrypt (free, 90-day validity) or Sectigo (paid, 200-day validity as of March 2026) wildcard certificate. See Sectigo vs Let’s Encrypt for a detailed comparison.
- Let’s Encrypt wildcard certificates are available only on certain plans. See the differences between plans.
- Sectigo wildcard certificates support only one wildcard name per certificate.
Warning
When ordering a Let’s Encrypt wildcard SSL certificate, the wildcard (*) will only secure subdomains. A wildcard certificate cannot secure the root domain (such as example.com). If you want to secure both the root domain and subdomains with Let’s Encrypt, you will need to order an additional certificate.
Ordering a Let’s Encrypt Wildcard Certificate
Steps to order a Let’s Encrypt wildcard certificate
- Follow the instructions to order a Let’s Encrypt certificate.
-
When the certificate form requests the name, use the
*character to represent the subdomain level you want the certificate to cover.- To request a certificate for
*.example.com, enter*. - To request a certificate for
*.app.example.com, enter*.app.
- To request a certificate for
- If your plan supports multiple names (SAN), you can add more than one certificate name in the same certificate.
- Submit the order. DNSimple will automatically handle the DNS-based validation.
Ordering a Sectigo Wildcard Certificate
Steps to order a Sectigo wildcard certificate
- Follow the instructions to order a Sectigo certificate.
-
When the certificate form requests the common name, use the
*character to represent the subdomain level you want the certificate to cover.- To request a certificate for
*.example.com, enter*. - To request a certificate for
*.app.example.com, enter*.app.
- To request a certificate for
- Complete the remaining order steps, including selecting the signature algorithm and submitting the order.
- Complete email-based domain validation when prompted.
Next Steps
Once your wildcard certificate has been issued, install it on your server:
- Installing an SSL Certificate
- Choosing the SSL Certificate Names to understand how wildcard names are matched
Have more questions?
If you have additional questions or need any assistance ordering a wildcard certificate, just contact support, and we’ll be happy to help.