Wildcard Certificate Implementation

Wildcard certificates simplify multi-subdomain deployments but require careful implementation. They match single-level subdomains only: *.example.com covers sub.example.com but not sub.sub.example.com. Combine wildcard and specific domain entries for comprehensive coverage.

Nginx configuration for wildcard certificates:

server {
    listen 443 ssl http2;
    server_name *.example.com;
    
    ssl_certificate /etc/ssl/certs/wildcard.example.com.crt;
    ssl_certificate_key /etc/ssl/private/wildcard.example.com.key;
    
    # Redirect specific subdomains if needed
    if ($host = www.example.com) {
        return 301 https://example.com$request_uri;
    }
}