Can i use a Wildcard certificate to secure an Azure website?

Peter Niessink 1 Reputation point
2022-05-16T10:49:54.05+00:00

Can I use a wildcard certificate ( *.bakertilly.global) to SSL protect a subdomain for a URL ( http://independence-test.bakertilly.global ) or must i use an explicit certificate that matches the URL of the website in Azure?

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
8,970 questions
0 comments No comments
{count} votes

3 answers

Sort by: Most helpful
  1. Alan Kinane 16,951 Reputation points MVP Volunteer Moderator
    2022-05-16T11:10:17.297+00:00

    I am assuming the service you are talking about is the Azure App Service as you have tagged your post with webapps. Wildcard certificates are supported here but you have to purchase/bring your own certificate, the free managed certificate for this service is not a wildcard certificate.

    https://learn.microsoft.com/en-us/azure/app-service/configure-ssl-certificate?tabs=apex%2Cportal#start-certificate-order

    202342-image.png

    0 comments No comments

  2. Michael Taylor 60,331 Reputation points
    2022-05-16T14:27:19.307+00:00

    Yes you can. We do. From a security standpoint you should have a single cert per domain. This prevents a malicious user from creating a subdomain and using your cert but given that subdomains shouldn't be hostable without proper checking this ideally shouldn't be an issue. However if you have a lot of sites then this can be expensive and hence the wildcard might be a more cost effective approach.

    0 comments No comments

  3. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.


    Comments have been turned off. Learn more

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.