Alibaba Cloud Certificate Management Service supports wildcard certificates. You can install a wildcard certificate on a server to protect a primary domain name and all its subdomains at the same level. Both domain validated (DV) and organization validated (OV) certificates support wildcard domain names.

If your server hosts multiple subdomains at the same level, you need to only purchase and install one wildcard certificate. You do not need to purchase or install a certificate for each subdomain.

If you want to purchase a wildcard certificate, take note of the following rules to match the subdomains of a wildcard domain name:
  • A wildcard certificate supports only the subdomains at the same level.

    For example, if a wildcard certificate is bound to the domain name *.aliyundoc.com, the wildcard certificate supports the subdomains at the same level, such as demo.aliyundoc.com, learn.aliyundoc.com, and example.aliyundoc.com. However, the wildcard certificate does not support the subdomains at different levels, such as guide.demo.aliyundoc.com and developer.demo.aliyundoc.com.

    If a wildcard certificate is bound to the domain name *.demo.aliyundoc.com, the wildcard certificate supports subdomains such as guide.demo.aliyundoc.com and developer.demo.aliyundoc.com.

  • A wildcard certificate can be bound to only a second-level domain name.
  • A wildcard certificate can be bound to only one wildcard domain name.
  • A wildcard certificate supports only wildcard domain names.

    For more information about how to use one certificate to protect multiple wildcard domain names and hybrid domain names, see How do I apply for multi-domain certificates or hybrid certificates? A hybrid domain name contains both wildcard domain names and common domain names.