Ordering a Wildcard SSL Certificate

Table of Contents


Wildcard certificates allow you to secure an unlimited number of names belonging to a single subdomain level. Wildcard certificates can make certificate management easier in some cases. However, you should avoid them unless you have a specific need, such as multi-tenant applications.

Wildcard certificates are no different from single name certificates. They contain an * as the hostname.

    APEX (root) Domain
      _____|____
     /          \
   *.dnsimple.com
   |
wildcard

When ordering a Let’s Encrypt wildcard SSL certificate, the wildcard (*) will only secure subdomains. A wildcard certificate cannot secure the root (such as example.com). If you want to secure both the root domain and subdomains with Let’s Encrypt, you will need to order an additional certificate.

Let’s Encrypt or Standard

Both providers support wildcard certificates. Let’s Encrypt certificates are free, but are only valid for a short period. Sectigo certificates are valid for much longer, but also come with a cost per wildcard certificate.

You can learn more about the differences between standard and Let’s Encrypt certificates in the corresponding article.

Let’s Encrypt wildcard certificates are available only on the following plans: Professional or Business.

Use * for a wildcard certificate

To include any subdomain in a certificate, you need to use an asterisk * as the subdomain.

Order overview for Let's Encrypt wildcard certificate

Let’s Encrypt

To order a Let’s Encrypt wildcard certificate, follow the instructions to order a Let’s Encrypt certificate.

When the certificate form requests the name, use the * char to represent the subdomain level you want to request the certificate for.

For instance, to request a certificate for *.example.com, just enter *. To request a certificate for *.app.example.com, enter *.app.

If your plan supports multiple names (SAN), you can add more than one certificate name in the same certificate.

Standard

To order a Sectigo wildcard certificate, follow the instructions to order a Standard certificate.

When the certificate form requests the common name, use the * char to represent the subdomain level you want to request the certificate for.

For instance, to request a certificate for *.example.com, just enter *. To request a certificate for *.app.example.com, enter *.app.

Standard wildcard certificates support only one wildcard per certificate.

Install the certificate

To learn how to install the certificate, take a look at Installing an SSL Certificate.