How To Use A Wildcard SSL Certificate

A Wildcard SSL certificate is an incredibly versatile SSL option. A single Wildcard can secure connections for one domain and an unlimited number of subdomains.

Wildcard certificates can save your organization a substantial amount of money and eliminate the hassle associated with managing multiple certificates. (There are a few scenarios wildcard certificates aren’t a good fit for, which we’ll cover at the end of this article.)

Using a wildcard SSL certificate is quite easy – we’ll go over the basics of how to use a wildcard SSL certificate, as well as when you should and shouldn’t use them.

How To Use A Wildcard SSL: The Basics

Step 1: Generate a wildcard CSR

When you order an SSL certificate you are required to complete a certificate signing request (CSR). This CSR tells Comodo CA everything it needs to issue the certificate, including what domains to secure. When you fill out the CSR for a Wildcard, you place an asterisk at the sub-domain level you would like to secure.

For example: *.comodosslstore.com

When Comodo issues the wildcard certificate based on that CSR, it can be installed on any sub-domain at the same level as the asterisk. In our example, the Wildcard would cover all first-level sub-domains, such as:

• blog.comodosslstore.com
• help.comodosslstore.com

This gives you the flexibility to encrypt an entire domain and its accompanying sub-domains with a single certificate.

Step 2: Install as usual

There’s nothing special you need to do when installing a wildcard SSL certificate. The installation is identical to a standard certificate. If you add more subdomains in the future, your wildcard certificate will automatically cover them – you don’t need to update or reissue the certificate. This is called “futureproof” and it’s an incredible feature.

How To Use A Wildcard Certificate On Multiple Servers

In many cases, different subdomains will be hosted on multiple servers. For example:

• Main site hosted by your ecommerce platform
• Dashboard subdomain hosted on a Windows dedicated server
• Help subdomain hosted by help desk provide
• Blog hosted on a shared Linux server to support WordPress

The good news is that Comodo makes this easy. Every Comodo Wildcard certificate comes with unlimited server licenses, so it’s easy to install your wildcard SSL certificate on multiple servers.

There’s just one extra step you need to know about how to use a wildcard certificate on multiple servers – adding your private key to the additional servers.

The server you generated your CSR on will automatically have your private key. For every other server you’re installing the certificate on, you’ll need to provide your private key during the install process. You can usually copy/paste your private key from the server you generated your CSR on.

When should I use a Wildcard SSL Certificate?

For the most part, Wildcard certificates are a great choice for cost-minded organizations with sub-domains. The benefits of a Wildcard are undeniable in this situation:

• It’s much cheaper than encrypting sub-domains individually
• It’s much easier to manage one certificate than many
• It makes it easy to grow and still maintain secure connections

Wildcards are incredible products that have unparalleled versatility. But there are a couple of instances when using a Wildcard isn’t a best practice.

1. Don’t use a wildcard certificate for separate high security environments. An Wildcard SSL certificate offers the exact same level of encryption as other SSL certificates. But there is one risk factor related to private keys. If you’re sharing the same certificate and private key across multiple servers, system admins, and departments, there’s increased risk of leaking your private key which would compromise all 13 sites. So, if you’re in an industry that requires high security environments, you’re going to want to use multiple certificates and keys for each department and/or system.
2. Don’t use a Wildcard if you need business authentication. Wildcards aren’t available at the Extended Validation level. That’s largely for security reasons – EV SSL requires the greatest level of scrutiny during validation so rubber stamping whatever someone wants to host at the sub-domain level is very dangerous. If you want business authentication, specifically the EV green address bar on your sub-domains, you’ll need to encrypt them using individual certificates or a Multi-Domain with the sub-domains listed as SANs.

Have more questions about how to use a wildcard certificate? Contact our support team 24/7 for fast, expert help!

 

Comodo Wildcard Certificates – Save Up To 72%

Save a bunch when you buy your wildcard certificate direct. Get a Comodo Wildcard Certificate for less than $80 per year.
Compare Wildcard Certificates

 

Top Wildcard Certificates of 2021