How Do Wildcard SSL Certificates Work?

Rate this article: 1 Star2 Stars3 Stars4 Stars5 Stars (2 votes, average: 4.50)
Loading...

wildcard certificate unlimited subdomains

A Wildcard SSL certificate is an incredibly versatile tool for encrypting a website and an unlimited number of sub-domains. It provides myriad advantages in the form of its flexibility, cost-effectiveness and ease of management.

But how do wildcard certificates work? Here’s an explanation of how a Wildcard certificate works both in theory and in practice.

How Wildcard SSL Certificates Work: Securing Unlimited Sub-Domains

A Wildcard, at its heart, is just an SSL certificate that allows all the sub-domains at one level to be encrypted along with the main domain:

https://subdomain.maindomain.com/somefolder/somepage.html

Typically, an SSL certificate is will only protect a single subdomain. For example, if your SSL certificate is for www.maindomain.com, then it won’t work for blog.maindomain.com.

With a Wildcard Certificate, all subdomains on your main domain can be secured. Here are some examples of sub-domains:

  • mail.domain.com
  • login.domain.com
  • dev.domain.com

These are all examples of first-level sub-domains. They can all be secured with the same Wildcard. With no limit. A Wildcard can literally secure an infinite number of sub-domains on the same level.

  • member.mail.domain.com
  • login.mail.domain.com
  • dev.mail.domain.com

These are examples of second-level sub-domains. You would need an additional Wildcard to encrypt the sub-domains on this level, along with one to encrypt at the first sub-domain level.

Wildcard certificate csr

When creating a CSR for your wildcard certificate, enter your domain as *.domain.com

How Wildcard SSL Certificates Work: Setup

From a technical standpoint, it comes down to the generation of the CSR. Comodo issues you an SSL certificate in which the common name is filled out as: *.yourdomain.com. It also includes a Subject Alternative Name (SAN) field that lists just your domain name, yourdomain.com.

The result is that the asterisk used at the designated sub-domain level allows the certificate to be used on any sub-domain that belongs to your domain. The SAN ensures that the certificate works without a sub-domain.

All you need to do is purchase a wildcard certificate, then generate a CSR with the wildcard character before your domain, like this: *.domain.com.

Simple, right?

Wildcard SSL Certificates

Comodo Wildcard Certificates – Save Up To 72%

Save a bunch when you buy your wildcard certificate direct. Get a Comodo Wildcard Certificate for less than $80 per year.
Compare Wildcard Certificates

It's only fair to share...
Share on Facebook
Facebook
0Tweet about this on Twitter
Twitter
Share on LinkedIn
Linkedin