After purchasing a digital certificate, go to the certificate service console to fill in the domain information required for certificate validation. The console prompts you with the domain type based on the certificate you purchased. Domains must be entered correctly for the certificate to be issued with HTTPS enabled.
Wildcard domains
A wildcard domain starts with *. For example, *.aliyundoc.com is a valid wildcard domain, but *.*.aliyundoc.com is not.
A wildcard domain counts as one domain against your certificate's domain limit. For details on which subdomains a wildcard certificate covers, see What domains are supported by an "all-subdomains" wildcard certificate.
Common domains
A common domain is a specific, non-wildcard domain — for example, www.aliyundoc.com or aliyundoc.com. The number of common domains you can add depends on the domain quota in your certificate order.
Each subdomain counts as a separate domain. For example, learn.example.com and demo.learn.example.com are treated as two distinct domains.
How domain entries relate to CSR
The relationship between your domain list and the Certificate Signing Request (CSR) depends on how you generate the CSR.
System-generated CSR: The system automatically uses the first domain you enter as the Common Name (CN) field in the CSR. If your domain list includes both wildcard and common domains, put a common domain first.
Manually created CSR: The CN field in your CSR must match one of the domains in your certificate's domain list. If your list includes both wildcard and common domains, use a common domain as the CN value. For instructions on creating a CSR file, see How do I create a CSR file?.