So far this is a year since Wildcard is discussing in WG , What is the final decision?

In short, can we use wildcards now ?
i am using a randomized to avoid SSE/Longpolls/Websockets to lock each other. we need wildcard for that.


no, not at the current time.

1 Like

I’d like to know the same. It should actually be pretty trivial to implement since DNS validation is already available :cry:


I work for a nonprofit organization.
I serve more than 40 sites.
Really need wildcards!

1 Like

40 is easy enough. You could have a single cert with all 40 on if you wanted to.

If you wanted them as individual certs, then the limit is 20/week. to it would only take 2 weeks (although I’d probably spread over 3). Since it’s all automated, the fact that the renewals are spread over time isn’t an issue, it just happens.

1 Like

Good news!
Previously, it was 5 per week.

There are 40 sites: (site* is the CNAME dhs-record).
5 per week or 20 per week?

You can 20 certificates for a given domain name per week … You can have all 40 subdomains on 1 certificate though (which only counts as 1 certificate).

You could have 2 certificates, each with 20 domains on (2 certificates )

or you could have 20 certificates with 2 subdomains on each …

or all on separate certificates, and spread over 2 weeks ( so within the 20/week limit).

or of course many other variables within the above.

1 Like

Please please please at least consider wildcard support. I really need it from someone now that the only sane wildcard pricing scheme has been distrusted by Firefox (StartSSL). $60+ per domain for TLS belongs in the past. There are many legitimate uses for wildcard certificates which can’t be accomplished by a mess of SAN entries.

1 Like

I agree there are many legitimate wildcard uses. There are also many ways that can be abused. Personally I don’t think it’s any coincidence that CA’s who provide such certs with little checking are the same ones that are becoming untrusted :wink:

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.