Use these instructions to order a Secure Site Wildcard SSL or Wildcard SSL Certificate.
After submitting your order, you'll need to complete domain validation for the domain on the order (demonstrate control over the domain) before we can issue your certificate. See Demonstrate control over domains on your SSL certificate order.
Create your Certificate Signing Request (CSR)
To remain secure, certificates must use at least a 2048-bit key size. For more information and instructions about creating a CSR, see Create a CSR (Certificate Signing Request).
Select the wildcard SSL/TLS certificate you want to order
Add your CSR
We use the information included in your CSR to populate corresponding values in throughout the order form: Common Name, Other Hostnames (SANs), Organization, and Organization Unit. If any of this information is not included in the CSR, the field in the form is left blank.
If the organization in the CSR is an existing organization and has an organization contact and verified contacts assigned to it, we will populate these values in the form too.
On the "Request" page, under Certificate Settings, upload your CSR to or Paste it in the Add Your CSR box.
When copying the text from the CSR file, make sure to include the
-----BEGIN NEW CERTIFICATE REQUEST----- and
-----END NEW CERTIFICATE REQUEST----- tags.
Common NameShow Recently Created Domains
After adding your CSR to the form, we populate the Common Namefield with the common name from the CSR.
To add the common name yourself, type the common name in the box, or under Common Name, expand Show Recently Created Domains and select the domain from the list.
Make sure to format the common name correctly (*.example.com).
Other Hostnames (SANs)
After adding your CSR, we populate the Other Hostnames (SANs) box with the SANs included in the CSR. You can still remove or add additional SANs as needed.
By default, wildcard certificates only secure a specific subdomain level. If your certificate is for *.yourdomain.com, it will secure subdomains of the same level automatically, which means under most circumstances you don’t need to enter in secure.yourdomain.com to use the certificate for that FQDN.
To secure subdomains on different levels (e.g., test.secure.yourdomain.com and six.test.secure.yourdomain.com) request a duplicate certificate. Since these subdomains are not on the same level as the wildcard (*) character, you must manually add them as SANs to the certificate. Requesting multiple duplicate certificates allows you to secure additional subdomains without invalidating the previous certificates.
Select a validity period for the certificate: 1 year, 2 years, Custom expiration date, or Custom length.
Custom validity periods
Additional Certificate Options
The information is this section is optional.
Expand Additional Certificate Optionsand provide information as needed.
If you include organization units in your order, DigiCert will need to validate them before we can issue your certificate.
Auto Renew can't be used with credit card payments. To automatically renew a certificate, the order must be charged to account balance. You can configure the finance settings for your account on the Finance Settings page (in the sidebar menu, click Finances > Settings).
If your CSR includes an organization currently used in your account, we populate the Organization field in the order form with that organization's information.
To add an organization, click Add Organization.
Unless you update the Organization Contact, we will use you as the primary contact to validate this certificate order.
Organization Contact (required)
The Organization Contact is someone who works for the organization included in the certificate order. We contact them to validate the organization and verify the request for OV TLS/SSL certificates. We also send them order confirmation and renewal emails.
We populate the Organization Contact card for you.
To use a different organization contact:
Technical Contact (optional)
In addition to yourself, this person will receive order emails including the one with the certificate attached, as well as renewal notifications.
To add a technical contact
Additional Order Options
The information is this section is optional.
Expand Additional Order Optionsand add information as needed.
Comments and renewal messages are not included in the certificate.
Enter the email addresses (comma separated) for the people you want to receive the certificate notification emails, such as certificate issuance, duplicate certificate, certificate renewals, etc.
These recipients can't manage the order, however they will receive all the certificate related emails.
Select Payment Method
Under Payment Information, select a payment method to pay for the certificate:
Certificate Services Agreement
Read through the agreement and check I agree to the Certificate Services Agreement.
Click Submit Certificate Request.
Demonstrate control over the domains on your order
Now that you've submitted your order, you need to complete domain validation for the domain on the order (demonstrate control over the domain) before we can issue your certificate. See Demonstrate control over domains on your SSL certificate order.
Complete organization validation
To validate/authenticate your authority to order a certificate for the organization on your certificate order, we will call a verified phone number to speak with some who represents you, the certificate requestor, such as the organization or technical contact.
To get organization consent for your certificate order: