Does each subdomain need its own SSL certificate?

Better Stack Team
Updated on May 4, 2022

This depends purely on what type of certificate you have. You can have a standard single domain certificate. Aside from that, you can also get two following types of certificates.

Wild card certificate

Wild card certificate can be issued for domains that look like this *.example.com. This will ensure SSL encryption on all subdomains that end with .example.com. For example ws.example.com app.example.com and so on.

Multi-domain certificate

The second option is to use a multi-domain certificate that can be issued for a predefined list of domain names. This will ensure SSL encryption an all domains in the list using the Subject Alternative Name field of the certificate. For example, you can get a single certificate for ws.example.com and app.example.com.

If none of those options would work for you, you are left with the option of a separate certificate for each domain.

Got an article suggestion? Let us know
Explore more
Licensed under CC-BY-NC-SA

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

We are hiring.

Software is our way of making the world a tiny bit better. We build tools for the makers of tomorrow.

Explore all positions →

Reliability is the
ultimate feature

Delightful observability tools that turn your logs & monitoring into a secret weapon for shipping better software faster.

Explore Better Stack