Wildcard restrictions


#1

I have 2300 subdomains. Does the wildcard certificate have limitations? I use shared hosting. Is there any instructions for noobs how to release let’s encrypt wildcard certificate? Thanks in advance!


#2

Wildcard does not have a restriction on subdomains (if all of those are first-level subdomains)

One point you’ll need to know is: Wildcard use DNS-01 validation & might need to renew manually in shared hosting (in this case, updating the certificate for each host 2300 times might be painful)

Thank you


#3

To be clear:

The wildcard *.example.com is valid for anything.example.com,
but is NOT valid for something.anything.example.com


#4

To add confusion, that’s true for a wildcard certificate, but a wildcard DNS record for *.example.com applies to anything.example.com and something.anything.example.com (but not example.com).


#5

Thanks for the explanation!


#6

Do I need to release it every 90 days?


#7

Let’s Encrypt certificates are valid 90 days, so you need to renew them before.


#8

Hi @oxojeck

first check, if your hoster has an integrated solution (Plesk or cPanel with Letsencrypt support). If yes, try to use that. Shared hosting has often limitations, so you may not be able to install a certificate directly. So you have to use the standard control panel.


#9

Thanks. They have own CP and there is ssl interface.


#10

Then use that.

  • Option 1 - wildcard certificates are possible -> use that
  • Option 2 - SAN-certificates (one certificate with max. 100 domain names) are possible. 2300 / 100 = 23 - you need 23 SAN certificates.

But check the rate limits:


#11

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.