Wildcard SSL certificate: what is it and when do you need it?

Last updated: 31 December 2025

What is a wildcard SSL certificate?

A wildcard SSL certificate secures all subdomains of your domain with a single certificate, and your main domain too when it is listed as an extra name on the certificate. Instead of separate certificates for www.example.com, mail.example.com and shop.example.com, *.example.com covers them all.

When do you need a wildcard?

Many subdomains

If you regularly create subdomains, a wildcard saves time and management. Think of:

  • Multilingual sites (nl.example.com, en.example.com)
  • SaaS platforms (client1.example.com, client2.example.com)
  • Development environments (dev.example.com, staging.example.com)

Dynamic subdomains

With white-label platforms or user subdomains, you don't know in advance which subdomains you'll need. A wildcard automatically covers all new subdomains.

Limitations of wildcards

First level only

A wildcard for *.example.com covers shop.example.com, but not secure.shop.example.com. For deeper levels, you need separate certificates.
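
The first-level rule above can be checked against a list of hostnames before you order or issue a certificate. The following is an added example, not part of the original article: the function names and the sample inventory are constructed for illustration, and the matching is a simplified version of what TLS clients do (wildcard only as the whole leftmost label, standing for exactly one label).

```python
def name_matches(cert_name: str, hostname: str) -> bool:
    """Return True if one certificate name (exact or wildcard) covers hostname."""
    c = cert_name.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(c) != len(h):
        # "*" stands for exactly one label, so the label counts must be equal.
        # This is why *.example.com covers neither example.com nor a.b.example.com.
        return False
    if c[0] == "*":
        # Simplification: require at least two labels after the wildcard
        # (rejects "*.com"); real clients consult the public suffix list.
        return len(c) > 2 and bool(h[0]) and c[1:] == h[1:]
    return c == h


def uncovered(cert_names, hostnames):
    """Return the hostnames that none of the certificate's names cover."""
    return [h for h in hostnames
            if not any(name_matches(n, h) for n in cert_names)]


# Constructed sample data: the names requested in the certbot command on this
# page, and a hypothetical inventory of hosts that should be served over TLS.
CERT_NAMES = ["*.example.com", "example.com"]
INVENTORY = [
    "example.com",
    "shop.example.com",
    "secure.shop.example.com",   # second level: not covered
    "dev.example.com",
    "example.org",               # different domain: not covered
]

if __name__ == "__main__":
    for host in uncovered(CERT_NAMES, INVENTORY):
        print(f"NOT covered by {CERT_NAMES}: {host}")
```

Any hostname the script reports needs its own certificate or an additional name on the existing one.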

Higher costs

Wildcards are more expensive than standard certificates:

  • Let's Encrypt: free (with DNS verification)
  • Paid: €100-500 per year

Security risk

If a wildcard's private key leaks, every subdomain covered by the certificate is exposed at once. With separate certificates, the damage is limited to the host whose key leaked.

Wildcard via Let's Encrypt

Free wildcards are possible, but require DNS verification:

sudo certbot certonly --manual --preferred-challenges dns -d "*.example.com" -d "example.com"

You must add a TXT record to your DNS to prove ownership. For automatic renewal, you need a DNS provider that offers API access (like Cloudflare).

Alternatives

SAN certificate

A Subject Alternative Name (SAN) certificate can contain multiple specific domains. Useful if you have a known number of subdomains.

Separate certificates

With Let's Encrypt, you can request unlimited separate certificates. With fewer than 10 subdomains, this is often more practical than a wildcard.

Our recommendation

Use a wildcard if you have more than 10 subdomains or dynamically create subdomains. For smaller setups, separate Let's Encrypt certificates are easier to manage.
