Wildcard Certificate Renewal
Overview
Wildcard certificates (*.yourdomain.com) require a manual renewal process. Unlike single-domain certificates, wildcard certificates cannot be automatically renewed due to the domain validation requirements involved.
How Wildcard Renewal Works
Approximately 2-4 weeks before your wildcard certificate expires, we will send you a renewal notification email with CNAME or TXT record information that you need to add to your DNS.
The process is:
- You receive a renewal notification from us with DNS verification details
- You create the specified CNAME or TXT record in your DNS configuration
- The certificate authority verifies the DNS record
- The new certificate is issued and installed on the WAF
Setting a Renewal Reminder
Because wildcard certificates require manual action, we strongly recommend setting a calendar reminder for 30 days before your certificate expiration date. This gives you a buffer to complete the DNS verification process without any downtime.
Your certificate expiration date is visible on your WAF dashboard.
What Happens If the Certificate Expires
If the renewal is not completed before the expiration date, visitors to your site will see SSL certificate errors in their browser. To avoid this, please respond to renewal notifications promptly.
Timeline
- 30 days before expiry: We send the first renewal notification
- DNS verification: Typically completes within 1-24 hours after you add the record
- Certificate installation: Automatic once verification is complete
Troubleshooting
If your renewal is not completing:
- Verify the CNAME or TXT record was added correctly using
digor a DNS lookup tool - Ensure there are no CAA records blocking certificate issuance
- Check that the DNS record has had time to propagate (up to 24 hours)
Need Help?
If you are having trouble with a wildcard certificate renewal, please contact us right away:
- Contact us at support@expeditedsecurity.com
- Book a Call at https://app.harmonizely.com/expedited/30-min