Web Analytics

How to Add Subdomains to Your SSL.com Certificate

Protecting subdomains is essential for comprehensive website security. SSL.com offers two solutions: Wildcard SSL for simplicity and UCC/SAN Certificates for flexibility. Below is a streamlined overview – for technical workflows, refer to SSL.com’s Knowledgebase.

Wildcard SSL Certificates

Automatic Coverage

  • Secures example.com and all first-level subdomains (e.g., blog.example.com, shop.example.com) without needing to re-process the certificate when new subdomains are added.

Ideal For

  • Sites with dynamic subdomains under one parent domain
  • SaaS platforms offering customer-branded portals (e.g., clientA.yourservice.com, clientB.yourservice.com)
  • Organizations launching frequent marketing campaigns with dedicated landing pages (e.g., promo1.brand.com, event.brand.com)
  • Staging or dev environments that require quick provisioning of subdomains

Limitations

  • No support for multi-level wildcards (e.g., *.*.example.com)
  • Cannot protect unrelated domains (e.g., example.net)
  • DV Only — Wildcard SSL certificates are available only as Domain Validation; EV wildcards are not permitted by industry rules

UCC/SAN (Multi-Domain) Certificates

Key Steps to Add Subdomains

  1. Re-process Your Certificate

    • Navigate to Orders > Change Domain(s) / Rekey in the SSL.com portal.

  2. Modify SANs

    • Add new hostnames (e.g., api.example.com) or wildcard SANs (e.g., *.example.com).

    • Re-use your CSR if organization details stay the same.

  3. Validation

    • Subdomains under previously validated roots (e.g., dev.example.com) inherit approval.

    • New parent domains (e.g., example.net) require fresh validation.

Wildcard Support Rules

  • DV Only — Multi-domain certificates with wildcard SANs are available only as Domain Validation. OV/EV multi-domain certs cannot include any wildcards; every SAN must be an explicit FQDN.

For detailed screenshots and CSR troubleshooting, visit SSL.com’s Multi-Domain Re-processing Guide.

Certificate Comparison

Feature Wildcard SSL UCC/SAN SSL
Subdomain coverage Auto-covers all first-level subdomains under one root Manual SAN listing (explicit FQDNs or *.example.com)
Multi-domain support Up to 500 domains & subdomains
Wildcard availability DV Only DV Only (OV/EV disallow wildcards)
Cost model Fixed price per cert Base price + per-SAN fee

When to Choose Which

  • Wildcard SSL
    Best for dynamic, fast-moving setups like SaaS platforms, marketing teams managing frequent campaigns, and internal environments that spin up many subdomains on a single root domain.
  • UCC/SAN SSL
    Ideal for enterprises securing many distinct domains and subdomains under one certificate—such as international brands with multiple localized sites—and when you need explicit control over each SAN.

Pro Tip – Continuous Peace of Mind

Use SSL.com’s Health Check Monitoring (HCM) service to receive real-time alerts on certificate expirations, misconfigurations, and installation issues before they affect users.

Need Assistance?

  • Quick Help: Live chat in the SSL.com portal (bottom-right corner)
  • Deep Dive: Email Support@SSL.com for architecture reviews or complex multi-domain setups
  • Windows Users: Try SSL.com Manager for streamlined CSR generation and certificate installs on Windows servers

Was this article helpful?

Yes
No
Thanks for your feedback!

SSL Support Team

All Posts

Related How Tos

View All How Tos
Facebook Twitter Youtube Github

Subscribe to SSL.com’s Newsletter

What is SSL/TLS?

Play Video

Subscribe To SSL.com’s Newsletter

Don’t miss new articles and updates from SSL.com

Stay Informed and Secure

SSL.com is a global leader in cybersecurity, PKI and digital certificates. Sign up to receive the latest industry news, tips, and product announcements from SSL.com and stay informed of the latest changes about digital identity and encryption that can impact and enhance your life.

We’d love your feedback

Take our survey and let us know your thoughts on your recent purchase.

Take Survey