4

I use AWS Route 53 with a wildcard SSL certificate:

the certificate allows: *.domain.com

In order to allow users to access both "domain.com" and "www.domain.com", I have to set up individual records for each. This does not bother me, but I have a problem when I want to use subdomains:

domain.com
www.domain.com
sub.domain.com

all work since they match *.domain.com ... However I also want www.sub.domain.com to work without having to add *.sub.domain.com to the certificate.

How is it possible?

Chris

1 Answer

6

Not sure how AWS Route 53 is related to SSL certificates. Route 53 is basically a DNS service; it has nothing to do with SSL certificates. At the same time, AWS does deal with SSL certificates too: the service responsible for this is called Certificate Manager.

Anyway, to answer your question:

  1. If your SSL certificates are issued by AWS, then you can issue a certificate for any subdomain you own for free. The only limitation is that you can't download the private key for this certificate - you can only use it through ELB (Elastic Load Balancer) or CloudFront services.
  2. If your SSL certificates are issued by another authority, then unfortunately you have to request a separate certificate for *.sub.domain.com - that's the general principle, based on how SSL certificates work. See, for example, the answer to this question: Wildcard SSL certificate for second-level subdomain
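
The single-label wildcard rule behind this answer, as an added example that is not part of the original answer: a small matcher that follows the RFC 6125 convention (a `*` stands for exactly one leftmost label) and reports which of the question's hostnames a certificate's SAN list covers. The SAN list `CERT_SANS` and the helper names are assumptions made for illustration.

```python
def san_matches(pattern: str, hostname: str) -> bool:
    """Match one dNSName SAN entry against a hostname.

    RFC 6125 convention: '*' is honoured only as the entire leftmost
    label and stands for exactly one label, so it never spans a dot.
    """
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels):
        return False  # different depth: the wildcard cannot absorb extra labels
    if p_labels[0] == "*":
        # wildcard label must stand for a non-empty label; the rest must be identical
        return h_labels[0] != "" and p_labels[1:] == h_labels[1:]
    # anything else (including partial wildcards like 'w*') is compared literally
    return p_labels == h_labels


def uncovered(hostnames, sans):
    """Return the hostnames that no SAN entry in the certificate covers."""
    return [h for h in hostnames if not any(san_matches(s, h) for s in sans)]


# Constructed SAN list (assumption): a wildcard certificate that also
# lists the bare domain as a separate name.
CERT_SANS = ["*.domain.com", "domain.com"]

# Hostnames taken from the question.
HOSTS = ["domain.com", "www.domain.com", "sub.domain.com", "www.sub.domain.com"]

if __name__ == "__main__":
    for host in HOSTS:
        status = "covered" if not uncovered([host], CERT_SANS) else "NOT covered"
        print(f"{host:22} {status}")
    # Adding the second-level wildcard closes the gap.
    print(uncovered(HOSTS, CERT_SANS + ["*.sub.domain.com"]))
```

Running the same check against the SAN list of a real certificate before deployment shows which hostnames will fail validation in clients.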