A wildcard certificate is a public key certificate (like SSL/TLS) that can be used on multiple subdomains, usually purchased from a trusted public certificate authority.
I could use one wildcard certificate, whether it was SSL or TLS, and use it to secure my website for all of these subdomains. Without a wildcard certificate, I would need one certificate for each of these subdomains in order to secure them all. In the case above I would have to buy 4 individual certificates and each one would be set to secure each of the 4 subdomains.
With a wildcard certificate purchase, you can usually also cover your "naked domain." This would mean that I could add venafi.com in addition to the 4 subdomains that my wildcard certificate already covers and now cover a 5th subdomain without any additional cost.
Wildcard certificates are typically used to cover all domains with the same registered root making it simple to administer. However, the flexibility that comes with utilizing wildcard certificates also creates significant security risks since the same private key is used across multiple systems, thereby increasing the risk of compromise across the organization:
Without proper security, control, and monitoring of wildcard certificates, they can be easily misused by cybercriminals to exploit the trust organizations have in wildcard certificates and use them in phishing attacks.
If you are looking to find out where your wildcard certificates are installed, trial Venafi as a Service for free today.