What is a Wildcard SSL Certificate? A wildcard certificate is a type of SSL/TLS certificate that can be used to secure multiple domains (hosts), indicated by a wildcard character (*) in the domain name field.
This can be helpful if you have a lot of domains or subdomains that you need to secure, as it can save you time and money. This article will discuss wildcard certificates, how they work, and why you may want to avoid using them in your organization.
Understanding wildcard certificates
A wildcard SSL certificate is a digital certificate that can be used with multiple domain subdomains. Wildcard certificates are generally used in organizations with many subdomains. Wildcard certificates are valid for a primary domain and all its first-level subdomains.
For example, a wildcard certificate for *.example.com could be used for www.example.com, mail.example.com, store.example.com, or any other sub domain name in the example.com.
Wildcard certificates are more expensive than standard SSL/TLS certificates because they are multi-domain certificates with the same registered root. This makes them simple to provision and administer, rather than using multiple certificates for every single domain and subdomain. However, that flexibility comes with certain security and operational risks, including:
- Key compromise: if the certificate’s private key is compromised, an attacker can impersonate any domain under that wildcard certificate. Cybercriminals use certificates to host malicious websites for phishing campaigns.
- Operational burden: Oftentimes, teams don’t remember all the places they installed a wildcard certificate, making it difficult to keep track and manage effectively at scale.
- Downtime and outages: When it comes time for renewal, they need to renew and provision the certificate to all locations at the same time (i.e., using SSL certificates for each server vs. one for all reduces the blast radius of outages and breaches caused by private key compromise).
How to obtain a wildcard certificate
Wildcard certificates can be purchased from any Certificate Authority (CA). When ordering a wildcard certificate, you must specify the main domain name (e.g., example.com) and the subdomains (e.g., *.example.com). The CA will then generate a certificate that can be used to secure all the subdomains of the specified domain.
Benefits of wildcard certificates
There are some benefits to using a wildcard certificate for your website:
- Save time and money: If you have many domains or subdomains, it can be more efficient and cost-effective to use a single wildcard certificate instead of multiple standard certificates.
- Increased flexibility: Wildcard certificates offer more flexibility than standard certificates as they can be used to secure multiple subdomains. This can be helpful if you need to add or remove subdomains in the future.
Drawbacks of using wildcard certificates
When it comes to wildcard certificates, the risks typically outweigh the benefits, especially if your organization does not have the right tools and processes to manage certificates:
- Creates security risks: The main drawback of wildcard certificates is that they can actually create more risk than security. Wildcard certificates use a single shared private key for all subdomains. So, if one subdomain is compromised, all other subdomains on the same certificate are also vulnerable.
- Difficult to track: The perceived ease of use of wildcard certificates can be deceiving. While easy to distribute, keeping track of a single wildcard SSL certificate across dozens, even hundreds, of servers can be equally as challenging, especially when it expires in all locations at the same time.
Lessons learned: A wildcard certificate outage
In May of 2018, Epic Games, the developer behind popular video games like Fortnite and Rocket League experienced a widespread outage that left millions of players unable to login and disconnected. The cause of the outage? An expired wildcard SSL certificate.
The certificate in question was installed across hundreds of different production services in AWS, and because of this, the impact was widespread. Many gamers were left frustrated and angry, taking to social media to voice their displeasure.
This incident highlights one of the potential drawbacks of wildcard certificates. Because wildcard certificates secure multiple subdomains with a single certificate, an expired certificate can cause widespread disruptions.
If you’re using a wildcard certificate, keep track of the expiration date and renew it promptly to avoid any potential problems. Epic Games spent five and half hours to fully recover from the incident. Incredibly, they shared the details of their experience as a lesson to industry peers and worked to resolve the issue quickly.
Wildcard certificates: A shortcut, not a solution
Wildcard certificates are in most cases, a shortcut rather than a solution. If the process of renewing, provisioning, and installing certificates is manual and time-consuming, the easy way out is to reduce the number of certificates that need to be managed. Makes sense, right? Not always.
If you have a large number of websites hosted on a small amount of infrastructure, it may make sense, but you need to have tight controls over how that wildcard certificate is distributed and managed across those systems.
In development and testing environments, you may need to create temporary subdomains. Rather than going through the hassle (and expense) of creating and securing individual certificates for those subdomains, you can simply create a wildcard certificate and add the temporary subdomains to it as needed.
However, in most cases, wildcard certificates should be avoided. If you’re simply trying to save time and money or use a wildcard certificate as a stop-gap solution, you’re only addressing a symptom, not the root issue. With proper monitoring and automation in place, the pains of certificate management can be alleviated, while also avoiding the inherent risks of wildcard certificates.
Certificate expiration and renewal
Like all digital certificates, wildcard SSL certificates have an expiration date and need certificate management. When a certificate expires, it must be renewed and replaced in all locations. If a certificate is not renewed, the website(s) it secures will no longer be accessible over HTTPS and will display an error message to visitors.
When renewing a wildcard SSL certificate, you need to generate a new Certificate Signing Request (CSR) and submit it to your Certificate Authority (CA). Be sure to specify that you are renewing a wildcard certificate, as this will be considered when the CA generates your new certificate.
Certificate lifecycle management
Once you have your wildcard SSL certificate, you need to install it on your web server (or multiple servers) and configure it properly. After that, you should monitor the certificate regularly to ensure it is still valid and up-to-date. This process is known as certificate lifecycle management.
Certificate lifecycle automation
Many businesses automate the certificate lifecycle to simplify managing wildcard SSL certificates. This can be done with a solution like Keyfactor Command, which automates all aspects of SSL/TLS certificate management, from enrollment and installation to monitoring and renewal. This process is known as certificate lifecycle automation.
Bottom line: wildcard certificates can be useful in certain situations, but generally, they should be avoided. If you purchase a wildcard certificate, it is essential that the private key is generated and stored securely and that you have visibility into every location where the certificate is installed to ensure it is renewed and replaced before it expires.