Glossary

What Is Wildcard SSL Certificate?

A wildcard SSL certificate secures a domain and all its subdomains with a single certificate. It uses an asterisk (*) as a placeholder — for example, *.example.com covers www.example.com, blog.example.com, shop.example.com, and any other subdomain.

Why It Matters

Without a wildcard certificate, you need a separate SSL certificate for each subdomain. If you’re forwarding www.example.com, blog.example.com, shop.example.com, and app.example.com — that’s four certificates to manage. A wildcard certificate covers them all with *.example.com.

How Wildcard Certificates Work

CertificateCoversDoesn’t Cover
*.example.comwww.example.com, blog.example.com, anything.example.comexample.com (apex), a.b.example.com
example.comexample.com onlyAny subdomain
SAN certExplicitly listed domainsAnything not listed

Important: A wildcard certificate for *.example.com does not cover the apex domain example.com itself. You typically need both *.example.com and example.com on the same certificate.

Wildcard Certificates and Forwarding

Wildcard certificates pair with wildcard forwarding — where any subdomain of your domain gets forwarded:

*.old-brand.com → new-brand.com

This requires:

  1. A wildcard DNS record pointing to the forwarding server
  2. A wildcard SSL certificate on the forwarding server
  3. Forwarding logic to handle all incoming subdomains

Domain Forward handles all three automatically when you enable wildcard forwarding.

Related Terms

SSL Certificate Subdomain SAN Certificate (Subject Alternative Name) TLS (Transport Layer Security)

Related Features

Https Domain Forwarding Wildcard Forwarding

Frequently
asked questions

Domain Forward can use either individual or wildcard certificates depending on the configuration. For domains with wildcard forwarding enabled, a wildcard certificate covers all subdomains automatically.

Still Confused? Try It Free.

Set up your first domain forward in under 5 minutes. Free plan includes 5 domains.

Get Started Free
Rated 5.0 on G2