A Wildcard SSL covers the main domain and all its first-level subdomains: *.yourdomain.tj. That means blog.yourdomain.tj, shop.yourdomain.tj, api.yourdomain.tj — all protected by one cert.
\n
When you need a wildcard
\n
- Many subdomains, frequently added (new projects, regional)
- SaaS with per-customer subdomains like
client1.app.tj,client2.app.tj - Test subdomains — don’t want to generate SSL for each
\n
What it does NOT cover
\n
- Second-level subdomains —
shop.dev.yourdomain.tjisn’t included (needs a separate wildcard or multi-level) - Other domains — only
yourdomain.tj
\n
Free wildcard from Let’s Encrypt
\n
Let’s Encrypt issues free wildcards, but only via DNS-01 challenge — you need DNS zone access.
\n
- In cPanel: Security → SSL/TLS → Generate, view, or delete SSL CSRs
- Create a CSR for
*.yourdomain.tj - Submit to Let’s Encrypt manually via certbot (if you have SSH) or contact Navju Cloud support — we’ll install it
\n
Paid wildcard
\n
Via Sectigo / DigiCert / GeoTrust — from $50/year to $200/year. Buy through the Navju Cloud client area, installation is automatic.