Does SSLcat support wildcard certificates?
Yes, SSLcat fully supports wildcard certificates. Wildcard certificates can cover all subdomains under a domain, greatly simplifying certificate management.
What are wildcard certificates
Wildcard certificates are a special type of SSL certificate:
- Format - Uses * wildcard, like *.example.com
- Coverage - Covers all first-level subdomains
- Not included - Does not include the main domain itself
- Validation method - Must use DNS validation
Advantages of wildcard certificates
Benefits of using wildcard certificates:
- Simplified management - One certificate manages multiple subdomains
- Cost reduction - Reduces certificate application and management costs
- Automated operations - Easier to implement automated deployment
- Good scalability - No need to reapply certificates for new subdomains
Supported domain formats
Domain formats supported by wildcard certificates:
- *.example.com - Covers all first-level subdomains
- *.api.example.com - Covers all subdomains under api
- *.dev.example.com - Covers all subdomains under dev
DNS validation configuration
Wildcard certificates must use DNS validation:
# Configuration example
certificates:
- domain: "*.example.com"
validation: "dns"
dns_provider: "cloudflare" # DNS provider
dns_credentials:
api_token: "your-api-token"
- domain: "*.api.example.com"
validation: "dns"
dns_provider: "route53"
dns_credentials:
access_key: "your-access-key"
secret_key: "your-secret-key"Supported DNS providers
SSLcat supports multiple DNS providers:
- Cloudflare - Uses API Token
- Route53 - Uses AWS credentials
- Aliyun - Uses AccessKey
- Tencent Cloud - Uses SecretId/SecretKey
- DNSPod - Uses API Token
- Custom - Supports custom DNS scripts
Application process
The application process for wildcard certificates:
- Configure DNS credentials - Set DNS provider credentials in the configuration file
- Apply for certificate - Apply through admin panel or command line
- DNS validation - Automatically create DNS records for validation
- Certificate issuance - Let's Encrypt issues the certificate
- Auto-installation - Automatically install to server
Usage example
Example of using wildcard certificates:
# Forwarding configuration
proxies:
- domain: "www.example.com"
target: "http://localhost:3000"
certificate: "*.example.com"
- domain: "api.example.com"
target: "http://localhost:8080"
certificate: "*.example.com"
- domain: "admin.example.com"
target: "http://localhost:9000"
certificate: "*.example.com"Important notes
Important considerations when using wildcard certificates:
- DNS permissions - DNS management permissions required
- Validation time - DNS validation may take several minutes
- Main domain - Main domain needs separate certificate application
- Multi-level subdomains - Multi-level wildcards not supported
Best practices
Best practices for wildcard certificates:
- Proper planning - Plan domain structure based on business needs
- Secure storage - Securely store DNS credentials
- Regular updates - Regularly update DNS credentials
- Monitoring alerts - Configure certificate expiration alerts
Wildcard certificates are the ideal choice for managing multiple subdomains, especially suitable for microservice architectures and SaaS applications.