What is a wildcard SSL certificate and where can you use it for? A Wildcard Certificate secures every subdomain on a root domain. When using a Single Domain certificate, it will be connected with a specific (sub)domain, for example www.yourdomain.com. A Wildcard Certificate will be requested on *.yourdomain.com. This makes it possible to secure an unlimited amount of subdomains. Note: This only works on one level, not for *.*.domain.com
Requesting an SSL wildcard
A Wildcard Certificate can be requested via the website. For the request, a CSR is required. The Common Name (the domain name on which the certificate is requested) needs an asterisk (*) in front of the root domain. For example *.yourdomain.com. The asterisk makes your certificate valid for all subdomains.
The delivery time depends on the brand and on the type of validation (DV/OV). A Wildcard Certificate with Domain Validation can be issued within 10 minutes (if the request is correct and Domain will be Validated directly).
The delivery time of a Wildcard Certificate with Organisation Validation differs from 15 minutes to 2 days, depending on the brand.
Possibilities of an SSL wildcard
A Wildcard SSL certificate is most suitable for users who want to secure a large amount of subdomains. If you want to secure a larger amount of subdomains, the Wildcard Certificate is in most cases more advantageous than a Multi Domain Certificate. For a Multi Domain certificate, apart from the first standard amount of domains, all added domains/SAN's will be charged seperately and the certificate will only work for those domains. A Wildcard Certificate works for all subdomains, so no reissue is needed in case a new subdomain needs to be secured. The same certificate can be implemented for the new subdomain.
For example, the Wildcard Certificate secures www.yourdomain.com, mail.yourdomain.com, shop.yourdomain.com and example.yourdomain.com. A wildcard certificate can be used for one sub (the variable) before the root domain. It's not possible to secure two subdomains, such as: example.example.yourdomain.com with the same certificate. In this case a certificate for *.example.yourdomain.com should be requested.
Only the GeoTrust RapidSSL Wildcard, Sectigo (formerly Comodo) Positive SSL Wildcard, Comodo Premium SSL Wildcard and the GlobalSign Organisation Wildcard certificates are also valid for the root domain, without a sub. For example: yourdomain.com. The other offered Wildcard Certificates are not suitable for securing the root domain.
Wildcard Certificates are available with:
- Domain Validation (without business data in the certificate)
- Organisation Validation (with business data in the certificate)
It's not possible to order a Wildcard certificate with Extended Validation (green address bar).
Adding a Wildcard to an MDC
In a few Multi Domain Certificates it's possible to add a Wildcard Domain. This can be useful if you want to secure different domains with all their subdomains in one certificate.