I purchased an inexpensive SSL Cert from GoDaddy. Right now everything on production is hosted off of
www.domain.com. When specifying the common name would a wildcard (i.e.
*.domain.com) cover the case of a lack of a third-level domain such as domain.com? Just to be sure, I made it for
www.domain.com rather than a wildcard. If it matters, I will be using with nginx and a mod_passenger.
If I want to cover everything including
www.domain.com etc., would a wildcard be the proper cert? Does the inexpensive GoDaddy cert ($12.99 / year) cover wildcard certs (it didn’t seem to for me)?
You won’t be getting a wildcard SSL certificate from anyone for $12.99. They are typically much more expensive; I see on GoDaddy’s site that their base price for wildcard SSL is $199/year, for instance.
A “normal” SSL certificate like you purchased should already serve both www.example.com and example.com.
You can probably get away with self-signed certificates for your development/staging servers.
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.