Tip of the Day: Wildcard SSL subdomain limitation

security tip_of_the_day

Recently I had this problem and was surprised by this limitation. The problem is that wildcard SSL certificates only support one level of subdomains, i.e. *.a.com matches foo.a.com but not bar.foo.a.com (taken from RFC 2818, see link below). To support all subdomains beyond foo you would need a wildcard certificate for *.foo.a.com.
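
The single-label rule above, written out as a check you can run against a list of hostnames before ordering a certificate. This is an added example, not code from the original post; the function names `san_matches` and `uncovered` and the sample lists are made up for illustration, and the matcher is simplified to honour a wildcard only when it is the entire leftmost label.

```python
def san_matches(pattern: str, hostname: str) -> bool:
    """Return True if a certificate name pattern covers hostname.

    Simplified matcher (assumption of this example): a wildcard is
    honoured only as the entire leftmost label, and it stands for
    exactly one label.
    """
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")
    # A wildcard never absorbs a dot, so the label counts must be equal.
    # This is what rejects bar.foo.a.com (4 labels) against *.a.com (3).
    if len(p_labels) != len(h_labels) or "" in h_labels:
        return False
    if p_labels[0] == "*":
        # Everything to the right of the wildcard is compared literally.
        return p_labels[1:] == h_labels[1:]
    if "*" in pattern:
        return False  # partial or non-leftmost wildcards are not handled here
    return p_labels == h_labels


def uncovered(hostnames, sans):
    """Hostnames that no name in the certificate covers."""
    return [h for h in hostnames if not any(san_matches(s, h) for s in sans)]


# Constructed sample data using the names from the tip above.
CERT_SANS = ["*.a.com"]
HOSTS = ["foo.a.com", "bar.foo.a.com", "a.com"]

if __name__ == "__main__":
    for host in HOSTS:
        print(f"{host:15} covered by *.a.com: {san_matches('*.a.com', host)}")
    print("not covered:", uncovered(HOSTS, CERT_SANS))
    print("after adding *.foo.a.com:", uncovered(HOSTS, CERT_SANS + ["*.foo.a.com"]))
```

The label-count check also means *.a.com does not cover the bare name a.com, so that name needs its own entry in the certificate.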