Wildcard SSL with Cloudflare

Wildcard SSL with Cloudflare

If you run WordPress multisite or host multiple services under one domain, managing a separate SSL certificate (the encrypted connection that puts “https” in your browser bar) for every subdomain is a headache. A wildcard SSL certificate solves that in one shot — it secures your main domain and every subdomain under it with a single certificate that FlyWP renews automatically.

What Is a Wildcard SSL Certificate?

A wildcard SSL certificate covers a domain and all of its subdomains with a single certificate. For example, a wildcard certificate for *.example.com covers:

• www.example.com
• shop.example.com
• blog.example.com
• Any other subdomain under example.com

This is especially useful for WordPress multisite installations that use subdomain routing, where each subsite lives on its own subdomain and would otherwise need its own certificate.

Why Cloudflare Is Required

Wildcard SSL certificates require DNS-01 challenge validation — a process that proves you own the domain by temporarily adding a special TXT record (a type of DNS record that holds text-based information) to your domain’s DNS settings. FlyWP automates this entirely through the Cloudflare integration: it creates the validation record, waits for it to propagate, and removes it once the certificate is issued.

Note

Standard SSL certificates use HTTP-01 validation, which works by placing a verification file on your web server. Wildcard certificates cannot use this method because there is no single server that handles all possible subdomains. DNS-01 validation is the only option, which is why a Cloudflare connection is required.

Prerequisites

Before setting up wildcard SSL, you need:

1. A domain with DNS managed by Cloudflare (the DNS provider, not the proxy/CDN features — though those can be active too).
2. The Cloudflare integration connected in your FlyWP team settings.

If you have not connected Cloudflare yet, see Cloudflare Integration.

Setting Up Wildcard SSL

Once your Cloudflare integration is active, the setup takes just a few steps.

1. Navigate to your site in the FlyWP dashboard.
2. Go to the Domains tab.
3. Add a wildcard domain (e.g., *.example.com) if not already added.
4. Go to the SSL tab.
5. FlyWP detects that the domain requires DNS-01 validation and uses your connected Cloudflare account to complete the challenge automatically.
6. The wildcard certificate is issued and installed.

FlyWP handles renewal automatically — no manual intervention is needed.

Common Use Cases

Here are the most common scenarios where wildcard SSL is the right choice:

Use Case	How It Helps
WordPress Multisite (subdomains)	Wildcard SSL covers all subsites automatically as you add them
Staging subdomains	staging.example.com is covered without a separate certificate
Multiple services	api.example.com, cdn.example.com, etc. are all covered under one cert

Tip

If you run a WordPress multisite with subdomain routing, wildcard SSL is the recommended approach. It eliminates the need to provision individual certificates each time a new subsite is created.

Related Pages

• SSL Certificates
• Cloudflare Integration
• SSL Not Activating
• DNS Manager