Wildcard Certificate
A certificate that secures a domain and all its subdomains
A Wildcard SSL certificate is designed to secure a primary domain and all of its first-level subdomains with a single certificate. The certificate's Common Name uses an asterisk (*) as a wildcard character, such as *.example.com, which would secure www.example.com, mail.example.com, shop.example.com, and any other first-level subdomain. Wildcard certificates are cost-effective and administratively efficient for organizations that need to secure multiple subdomains, as they eliminate the need to purchase and manage separate certificates for each subdomain.
However, wildcard certificates only cover first-level subdomains - they would not secure deeper levels like admin.mail.example.com.
The security consideration with wildcard certificates is that if the private key is compromised, all subdomains protected by that certificate are affected. Wildcard certificates are available with Domain Validation (DV) and Organization Validation (OV) but traditionally not with Extended Validation (EV), though some CAs now offer EV wildcard certificates under specific circumstances.
Where You'll See This Term
This term commonly appears in:
- SSL certificate details pages
- Certificate Authority validation processes
- SSL configuration documentation
- Security audit reports
- Certificate management interfaces