SSL certificates and whether a wildcard common name will support domain.com

timpone asked:

I purchased an inexpensive SSL Cert from GoDaddy. Right now everything on production is hosted off of www.domain.com. When specifying the common name would a wildcard (i.e. *.domain.com) cover the case of a lack of a third-level domain such as domain.com? Just to be sure, I made it for www.domain.com rather than a wildcard. If it matters, I will be using with nginx and a mod_passenger.

If I want to cover everything including domain.com and staging.domain.com, www.domain.com etc., would a wildcard be the proper cert? Does the inexpensive GoDaddy cert ($12.99 / year) cover wildcard certs (it didn’t seem to for me)?

My answer:


You won’t be getting a wildcard SSL certificate from anyone for $12.99. They are typically much more expensive; I see on GoDaddy’s site that their base price for wildcard SSL is $199/year, for instance.

A “normal” SSL certificate like you purchased should already serve both www.example.com and example.com.

You can probably get away with self-signed certificates for your development/staging servers.


View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.