How do I change the hostnames that an SSL certificate works with?

This page is showing a generic answer.
To see a more detailed answer customized for you, type your domain name here:

If we host your DNS (as we do for most customers), we usually provide a free “wildcard” Let’s Encrypt SSL certificate that works for “” and any subdomain immediately below that, including “” and other names like “” and “” that you might use in subdomains.

(If we don’t host your DNS because you’ve added DNS entries elsewhere, you’ll need to use our control panel to order a non-wildcard certificate that contains only the hostnames you’ve pointed here.)

With a wildcard certificate, you won’t need to change anything to start using another hostname at the same level — for example, if you currently have a certificate working for “”, you don’t need to do anything extra to make it work with for “”.

If you need to add more levels to a wildcard certificate (like adding “”) or add hostnames to a non-wildcard certificate, you’ll need to open a ticket and ask us to add them. We will obtain and install a new certificate for your site within one business day.

Limitations on reissuing certificates

The Let’s Encrypt project has a fixed limit on the number of certificate changes per week. Each time you ask us to add one or more hostnames, that counts as a change. Because of that, you should tell us all your additions at once, and we can only make one change per business day.

Maximum number of hostnames

We support up to 20 hostnames or wildcard entries per free certificate.

How can I get a wildcard certificate without pointing my DNS nameservers at your company?

As we mentioned above, if you’re pointing your DNS nameservers for at us, we’ll automatically get a "wildcard" SSL certificate for you. If you’re running your own DNS nameservers, we won't be able to get a "wildcard" SSL certificate, but we will be able to get one for the two hostnames “” and “”.

If you do need a wildcard certificate while running your own DNS nameservers, you can add this extra DNS CNAME record at the other company that allows us to get a wildcard SSL certificate: CNAME

Note that if you do this, it prevents you from being able to verify any other Let’s Encrypt certificates you might want to create yourself, so unless you need a wildcard SSL certificate on our servers, it’s usually not worth the potential confusion it causes.