Matt Jasek

So let me guess: you’ve purchased a wildcard SSL certificate and you’re looking to use it on a subdomain. You’ve probably landed here because you’ve discovered things aren’t as straightforward as they seem. Your wildcard SSL certificate will work fine on your main website * with both www. and no www. However, things start falling apart when you try to use the same certificate on a subdomain.

Why is this?

Let’s use the example ‘’. Your wildcard certificate matches *; however, when we add www. to this domain, the certificate no longer matches the pattern, because a wildcard stands in for exactly one label of the hostname. You would need a certificate that matched the pattern *.* for this to work, and for the most part this isn’t possible.
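The matching rule described above, as an added example that is not part of the original post. The example.com names are constructed placeholders, and the certificate is assumed to list the bare domain next to the wildcard name, which is what lets the main site work with and without www.

```python
"""Single-label wildcard matching as browsers apply it (RFC 6125, section 6.4.3)."""


def wildcard_covers(pattern: str, hostname: str) -> bool:
    """Return True if a certificate name such as '*.example.com' covers hostname."""
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")
    # The wildcard stands for exactly one label, so label counts must be equal.
    if len(p_labels) != len(h_labels):
        return False
    for i, (p, h) in enumerate(zip(p_labels, h_labels)):
        if p == "*":
            # Only a whole left-most label may be a wildcard, and it must
            # match a non-empty label. This also rejects '*.*.example.com'.
            if i != 0 or not h:
                return False
        elif p != h:
            return False
    return True


def cert_covers(san_names: list[str], hostname: str) -> bool:
    """A certificate covers a host if any of its subject alternative names does."""
    return any(wildcard_covers(name, hostname) for name in san_names)


def needs_www_strip(san_names: list[str], hostname: str) -> bool:
    """True when 'www.<host>' is uncovered but '<host>' itself is covered,
    i.e. the case the www-removal redirect on this page is meant for."""
    if not hostname.lower().startswith("www."):
        return False
    return (not cert_covers(san_names, hostname)
            and cert_covers(san_names, hostname[4:]))


if __name__ == "__main__":
    # Constructed sample: wildcard name plus the bare domain (assumption).
    sans = ["*.example.com", "example.com"]
    for host in ["example.com", "www.example.com", "shop.example.com",
                 "www.shop.example.com"]:
        print(f"{host:24} covered={cert_covers(sans, host)!s:5} "
              f"strip_www={needs_www_strip(sans, host)}")
```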

The solution:

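The simple solution is to make a rewrite rule in IIS to remove www. from the domain. You will need to edit your web.config file to achieve this; the rules go inside the <rewrite><rules> section of <system.webServer> and rely on the IIS URL Rewrite module. Keep in mind that the redirect only helps requests that arrive over plain HTTP: on an https://www. request the browser checks the certificate during the TLS handshake, before IIS evaluates any rewrite rule. Remove www. from subdomain: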

<rule name="Remove www from URL" stopProcessing="true">
  <match url="(.*)" />
  <conditions logicalGrouping="MatchAll" trackAllCaptures="false">
    <!-- {C:1} is the host name with the leading "www." removed -->
    <add input="{HTTP_HOST}" pattern="^www\.(.+)$" />
  </conditions>
  <action type="Redirect" url="http://{C:1}/{R:0}" />
</rule>

Now that your SSL is working, you will also want to force everyone to use HTTPS. To do this, add the following rule to your web.config. Force all traffic to HTTPS:

<rule name="Redirect to https" patternSyntax="Wildcard" stopProcessing="true">
  <match url="*" />
  <conditions logicalGrouping="MatchAll" trackAllCaptures="false">
    <!-- {HTTPS} is "off" when the request arrived over plain HTTP -->
    <add input="{HTTPS}" pattern="off" />
  </conditions>
  <action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Found" />
</rule>

Still not working?

Make sure your rules are in the correct order. IIS runs rules in the order they are listed, so the ‘remove www.’ rule must be positioned above the ‘force https’ rule. If you’re still struggling with this, I can provide professional SSL installation; contact me for a quote.