Wildcard certificate

My netlify sitename is https://relaxed-longma-9e5900.netlify.app/

My custom domain is mediafuseagency.com and it managed by netlify DNS

I have a subdomain blog.mediafuseagency.com. It is a website that is not hosted on netlify but there is a DNS record for it on netlify pointing to the IP provided by the host.

My subdoman has no SSL certificate. I want to know if it is covered by my wildcard certificate.

Hi, a prerequisite for a wildcard enablement is that you are on a Pro tier or higher. Secondly if your DNS is not managed by Netlify the SSL certificate will not be created automatically for your wildcard subdomain.

my DNS at my domain registrar (namecheap) is pointed to netlify nameservers -


Yes but wildcard needs to be enabled for your account to begin with and it’s not because you are not on a Pro tier. Wildcard subdomains aren’t enabled by default and can only be enabled from our end. There are also a few requirements before we’re able to do so:

  • Either you have to use Netlify DNS so we can get you a wildcard SSL cert, or you must bring a custom wildcard certificate.
  • We can only do this for a site that’s on a paid team (see Netlify Pricing and Plans for details)

Also note:

You can’t use domain aliases on the site with Wildcard subdomains enabled, just the bare domain and subdomains under your primary domain. If you try to add a domain alias then it won’t work.
The primary custom domain for the site, if it is a example.com with www.example.com setting in our UI, must be www.example.com and not example.com!

Once the wildcard subdomain feature is enabled, you do not need to add new subdomains under the site settings. You’ll will need still need to create DNS records.

This might be a single wildcard DNS record for all subdomains (like a CNAME for *.example.com pointing to the netlify.app subdomain for the site). Alternatively, you can also create the individual DNS records to add each subdomain (like CNAMEs for subdomain-a.example.com, subdomain-b.example.com, etc.) as covered in our external DNS documentation. Both work so please do whichever you prefer.

Let us know which site and we’ll verify that it meets the requirements and get that set up for you.

the sites are

mediafuseagency.com - root domain

blog.mediafuseagency.com - subdomain

https://relaxed-longma-9e5900.netlify.app/ - netlify app (for root domain only, subdomain is hosted on digital ocean)

Hi, @jehoshua-shey. SSL/TLS is provided by the HTTP service and not the DNS service.

Netlify only provides the DNS service for blog.mediafuseagency.com and not the HTTP service because the DNS record you made for that domain name points to an HTTP server that Netlify does not control. The HTTP server for that domain is controlled by DigitalOcean and, for this reason, DigitalOcean must provide the SSL for that domain.

If there are other questions about this, please let us know.