The wildcard certificate extension is the easiest and most convenient way to provide all subdomains with an TLS/SSL certificate. They only have to be installed once on the server to automatically secure all subdomains on the same IP with TLS/SSL. Subdomains created after the installation of the wildcard certificate are also protected.
Wildcard certificates are available for domain-validated certificates (DV) and for company-validated certificates (OV). There is currently no wildcard version available for certificates with extended validation (EV).

Creating Wildcard entries

The asterisk "*" is used for wildcard certificates. The wildcard entry can be placed anywhere in the domain name.

Please note that only the level of the subdomain on which the wildcard entry is located is covered by the certificate.  The correct common name must already be entered when the private key/CSR is created.

Example 1

CommonName: *.domain.tld

Covered: www.domain.tld, mail.domain.tld, login.domain.tld

Not covered: mail.www.domain.tld, www.start.domain.tld, reg.shop.domain.tld

Example 2

CommonName: *.www.domain.tld

Covered: shop.www.domain.tld, mail.www.domain.tld, start.www.domain.tld

Not covered: www.shop.domain.tld, login.shop.domain.tld, shop.domain.tld