Wildcard certificates and Public Suffix List

Hello,

can Letsencrypt issue a wildcard certificate

*.domain.com

if “domain.com” is listed in the private section of the PSL? https://publicsuffix.org/list/public_suffix_list.dat

Thanks

If it is actually in the private section, it should be possible. See this comment for a situation where a domain was listed in the wrong section:

So I guess we shouldn’t expect any issue if we will list the domain in the private section.

Thanks

@jsha Can you confirm that you only block issuance for the ICANN section of the PSL? (And not the PRIVATE one)

Yep, I confirm this.