Domain and Subdomain on One Wildcard/Certificate on Nginx

Please direct me elsewhere if this is the wrong place, I have a site ( that I generated a certificate and a wildcard for, no problems there. However, how would I go about making it so, for example, would be valid/covered with that SSL certificate/wildcard?

I’m self-hosting on Ubuntu 18.04.

1 Like


Your certificate only covers the root domain, which means it won’t work on www and other subdomains.
Since you are using Digital Ocean DNS, what script did you use to obtain the certificate?

If you want a wildcard certificate, you must obtain it using DNS challenge, which is better used with automated programmable interfaces. Fortunately, your DNS provider does have this feature and most ACME script support this provider.

Please check your script and see if there’s support for Digital Ocean API. The script I used (certbot and all support this provider and have instructions online.

Thank you


I followed this tutorial, which I ended up using this to get (what I’m assuming) is the wildcard certificate?

./certbot-auto certonly --manual --preferred-challenges=dns --email <my email> --server --agree-tos --d *
1 Like

The command would indeed get a wildcard certificate without the root domain. If you want to do this and repeat the whole process every 2-3 months, you can choose to use the below command:

./certbot-auto certonly --manual --preferred-challenges=dns --email <my email> --server --agree-tos --d * -d

(What I did is to add your root domain to the last)

Certbot also have Digital Ocean API support so you could use that (along with the correct information from your digital ocean account) to automatically pass the validation and obtain certificate.

Thank you


The command you modified, would that allow me to have one single certificate for both my root and subdomain? If so, how would I configure this within Nginx if there were two sites (one for the root, and another for the sub)?

1 Like

Yes. It will allow you to use one certificate for both domain and subdomains (first level).
It’s the same to what you used before, just specify the same certificate in all virtual host the certificate should cover.


1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.