Create wild card certs for several subdomains pointing to different servers


I know that currently (Feb 2018) wild card certs are not yet available, but my question anticipates the availability in the near future.
I have several servers that split functionality of the same app.

  1. server1 serves: and all related sub domains:, ss3.
  2. server 2 serves: and all related sub domains, tt1.,, …

My goal is to limit the amount of certs and my question is formulated under the assumption that letsencrypt provides wild card certs.
My question is twofold.
Do I need multiple certs since I have multiple servers?
If yes, so if I need 2 certs for 2 servers, can these certs act as a wild card cert on and another cert on In other words can a wild card cert also be on a subdomain (and related sub domains) or is a wild card cert only applicable on and not on ?

Thanks for shedding a light on this.



* -> covers and but not nor

* -> covers and but not or anything lower

Wildcards don’t usually cover all the domains you want so they are typically combined with a non-wildcard domain listing. Let’s Encrypt will allow you to list a mix of 100 wildcard and non-wildcard domains on a certificate.

Judging by your example you would want two certificates:

  • * and
  • * and

You do not necessarily need two certificates for the two servers, but it is usually easier and always more secure to use different certificates on different servers where possible.


@Patches. This is crystal clear. Many thanks.


So wait … when I want multiple levels I need to do *.* or is that impossible?


Unfortunately, that’s impossible. You can make a certificate with names like:

  • *
  • *
  • *

But multi-level wildcards are not possible.
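
The coverage rules given in the answers above, as an added example that is not part of the original posts: a check of which hostnames a certificate's name list actually covers, useful before requesting one certificate per server. Every hostname below is a constructed placeholder under example.com, and the function names are hypothetical.

```python
# Added example; hostnames are constructed placeholders, not the poster's domains.

def wildcard_matches(pattern: str, hostname: str) -> bool:
    """Match one certificate name (SAN dNSName) against a hostname.

    This sketch honours '*' only as the complete left-most label,
    standing for exactly one label, so it never spans a dot.
    """
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels) or "" in h_labels:
        # Different depth: "*.example.com" covers neither "example.com"
        # nor "a.b.example.com".
        return False
    if p_labels[0] == "*":
        # The remaining labels must match exactly and contain no further
        # wildcard, which rejects "*.*.example.com".
        return "*" not in p_labels[1:] and p_labels[1:] == h_labels[1:]
    # No leading wildcard: exact match only (partial labels like "f*o" rejected).
    return "*" not in pattern and p_labels == h_labels


def uncovered(sans, hostnames):
    """Return the hostnames that no name on the certificate covers."""
    return [h for h in hostnames
            if not any(wildcard_matches(s, h) for s in sans)]


if __name__ == "__main__":
    # Constructed layout: one server, its base name plus sub-subdomains.
    server1_hosts = ["app1.example.com", "ss3.app1.example.com"]

    # Wildcard alone misses the base name it hangs off.
    print(uncovered(["*.app1.example.com"], server1_hosts))
    # Wildcard combined with the non-wildcard base name covers both.
    print(uncovered(["*.app1.example.com", "app1.example.com"], server1_hosts))
    # A wildcard one level up does not reach the deeper name.
    print(uncovered(["*.example.com"], server1_hosts))
```
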


