Multiple SSL certificates on single site with multiple domains

If you use the Netlify managed Let’s Encrypt SSL certificate, it will cover the domains listed on the site. However, they will only provide wildcard certificates if you use Netlify DNS (as their API requires a DNS-based verification for wildcard certificates, which only works if Netlify hosts the DNS).

Please note, Let’s Encrypt has a limit of 100 unique names per SSL certificate. All SSL providers (certificate authorities or CAs) limit the number of unique names per SSL certificate.

Netlify also has a limitation of 1 SSL certificate per site. Taken together, the two limits restrict a single site to a maximum of 100 unique domain names.

There are only two workarounds for this:

  • use more than one site if you have more than 100 unique domain names to assign
  • use the wildcard subdomain feature

Note, the wildcard subdomain feature allows wildcarding under a single domain name. For example, you can wildcard like so:

The above all uses a single level of subdomain under a single domain (example.com). If you need to wildcard under more than one domain name or at more than one level per apex domain, that again requires multiple sites, and you cannot wildcard on multiple domains (or multiple levels of subdomains) for a single site at this time.

While we do not recommend proxying to Netlify, it is possible to do so. Using a proxy service may allow the use of multiple SSL certificates for a single site at the proxy service which would allow working around the limitation of one certificate per site here.

If there are other questions about this, please let us know.
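
A planning check for the limits described above, added here as an example (it is not Netlify's code or API): given a site's hostnames and at most one wildcard domain, it applies the single-level wildcard rule and the 100-name cap and returns the names the certificate would have to list. The function names, the constant and the sample hostnames are constructed for illustration; it assumes every hostname not covered by the wildcard counts as one unique name.

```python
MAX_NAMES_PER_CERT = 100  # Let's Encrypt per-certificate limit stated in the post


def covered_by_wildcard(host: str, wildcard_domain: str) -> bool:
    """True only if host sits exactly one label below wildcard_domain.

    *.example.com matches a.example.com, but not example.com itself
    and not a.b.example.com (more than one level of subdomain).
    """
    host = host.lower().rstrip(".")
    suffix = "." + wildcard_domain.lower().rstrip(".")
    if not host.endswith(suffix):
        return False
    label = host[: -len(suffix)]
    return label != "" and "." not in label


def plan_certificate(hosts, wildcard_domain=None):
    """Return (names, fits): unique certificate names and whether they fit.

    Assumption: one site, one certificate, at most one wildcard domain.
    """
    names = set()
    for host in hosts:
        host = host.lower().rstrip(".")
        if wildcard_domain and covered_by_wildcard(host, wildcard_domain):
            # All single-level subdomains collapse into one wildcard name.
            names.add("*." + wildcard_domain.lower().rstrip("."))
        else:
            names.add(host)
    ordered = sorted(names)
    return ordered, len(ordered) <= MAX_NAMES_PER_CERT


if __name__ == "__main__":
    # Constructed sample: 150 tenant subdomains plus names the wildcard misses.
    sample = [f"t{i}.example.com" for i in range(150)]
    sample += ["example.com", "a.b.example.com", "example.org"]
    for wildcard in (None, "example.com"):
        names, fits = plan_certificate(sample, wildcard)
        print(f"wildcard={wildcard}: {len(names)} names, fits one cert: {fits}")
```

Names that remain listed individually after the wildcard is applied (the apex, deeper subdomains, other domains) are the ones that still count toward the 100-name limit.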