Why does my wildcard SSL not cover all subdomains after installation?

[PaulH]

I’ve installed a wildcard SSL certificate on shared hosting using cPanel, and the main domain works fine over HTTPS. However, the subdomains still show security warnings, as if the wildcard SSL isn’t being applied. I’ve checked DNS, cache, and basic SSL settings, but the issue only affects subdomains. Could this be caused by a missing certificate chain, incorrect cPanel configuration, or a hosting limitation with wildcard SSL on shared plans? What’s the best way to identify why a wildcard SSL covers the root domain but not the subdomains?

[Abigail_W]

I ran into the same issue on a shared hosting account. The main domain showed as secure, but subdomains threw warnings. In my case, the problem was that the certificate was installed without the full intermediate chain. Once I reinstalled the wildcard SSL including the correct CA bundle, the subdomains validated properly.

[Mila.T]

Missing or incorrect intermediate certificates are a very common cause of this. Even if the wildcard certificate itself is valid, browsers will still warn if the chain isn’t complete. I recommend double-checking that the certificate, private key, and CA bundle all match and are installed together.

[Paisley46]

I cleared browser cache and tested from different devices and networks, but the subdomains were still showing warnings. That ruled out caching issues and pointed more clearly to a server-side or certificate configuration problem rather than something local.

[ThomasT]

One thing to verify is whether the wildcard is actually listed in the certificate’s Subject Alternative Name (SAN) field. A proper wildcard should show something like *.example.com. If it’s missing, the certificate will only secure the root domain.

[DavidRW]

On shared hosting, the control panel may show the new certificate as installed while the web server is still serving an older one. Normally a service restart fixes this, but on shared hosting you’ll need support to reload the configuration on their side.

[SofiaL]

Some hosting providers limit wildcard SSL usage on shared plans or only allow a single certificate per account. If everything looks correct but the issue persists, it’s worth contacting support and confirming that wildcard SSL is fully supported for subdomains on your plan.

[ScottEG]

In my experience, this often comes down to how the hosting provider handles virtual hosts. Even with a valid wildcard certificate, subdomains may still be mapped to a default SSL configuration unless they’re explicitly linked to the wildcard cert.

[KennethVA]

If you have access to SSL diagnostics tools like SSL Labs, running a scan can quickly reveal whether the problem is an incomplete chain, incorrect certificate being served, or a mismatch between domain and certificate.

[SophiaT]

After reinstalling the wildcard certificate with the full chain and confirming wildcard support with hosting support, my subdomains stopped showing warnings. The key takeaway for me was that wildcard SSL issues are usually configuration-related, not certificate-related.

[SamuelTJ]

Another thing worth checking is whether the wildcard SSL was installed on the correct domain level. A certificate for *.example.com will not cover sub.example.com.example.com, and this mismatch can easily cause browser warnings even though the certificate itself is valid.

[Mason78]

I’ve also seen this happen when subdomains are routed to a different IP or server than the main domain. Even with a wildcard SSL in place, if DNS points subdomains elsewhere, the server may be presenting a default or expired certificate instead.

[Lily.D]

If you’re using cPanel, it helps to open the SSL/TLS Status page and verify that HTTPS is enforced for each subdomain. Sometimes AutoSSL partially provisions certificates, leaving subdomains technically unsecured despite a wildcard being present.