Exchange 2016 Wildcard Certificate — Why Should I Buy It?

1 Star2 Stars3 Stars4 Stars5 Stars (3 votes, average: 3.67 out of 5)

Getting a new SSL certificate can be a daunting process, especially since there are so many different options available. Wildcard SSL certificates are the best choice when it comes to securing multiple subdomains on a single website. If you’ve been searching for “exchange 2016 wildcard certificate” or “wildcard certificate exchange 2016”, we’ve got you covered.

In this article, we’ll discuss what a wildcard certificate is, why you should buy it, and how to get one for your Microsoft 2016 server.

Secure Unlimited Subdomains With One Wildcard SSL Certificate – Save 50%

Save 50% on Sectigo Wildcard SSL Certificates. Includes unlimited server licenses, reissuances, 256-bit encryption, and more.

Shop for Wildcard SSL Certificates

What Is an Exchange 2016 Wildcard Certificate?

A wildcard certificate is a single SSL/TLS certificate that you can use to secure an unlimited number of single-level subdomains for a single website.

All wildcard certificates from any certificate authority (CA) are compatible with Microsoft Exchange servers. this means that, contrary to popular belief, there is no specific wildcard certificate that will only work on an Exchange 2016 server. This can be a bit confusing, though, because a wildcard certificate that’s used on an Exchange 2016 server is sometimes referred to as an “Exchange 2016 wildcard certificate.”

To gain a better understanding of how to use an Exchange 2016 wildcard certificate, let’s consider the following example. Suppose Jerry, a young fellow starting out his own business, has the website domain As the business grows, he’d want to provide his customers with useful information, so he will need a blog — something that can be accessed through He might also want to create a product page like or a customer login page like

To secure all of these individual URLs using standard SSL/TLS certificates will quickly become a headache (considering certificate expirations, renewals, the entire certificate management cycle, etc.) and can also get fairly expensive pretty quickly. Instead, since Jerry is smart, he decides to use a single wildcard certificate for “*” to secure all his present and future first-level subdomains.

Now, if Jerry wants to secure subdomains at multiple levels like and along with the above, or if he decides that he wants to secure the subdomains on multiple domains, he’d need to opt for a multi-domain wildcard SSL certificate. These can secure just about anything (including IPs) — all on a single certificate — simply by adding your URLs as subject alternative name domains (SANs).

Why Should You Consider Getting a Wildcard Certificate?

There are a couple of direct benefits to buying a wildcard SSL to secure your sites:

  1. Wildcard certificates are useful, particularly if you’re planning to enable HTTPS across multiple subdomains for your website (even when you’re not sure of all the subdomains you wish to add)! With a regular wildcard certificate, you can continue adding subdomains (on that same level) even after the certificate is issued, and they will be accessible over HTTPS automatically!
  2. A wildcard SSL certificate is easy to use and offers hassle-free certificate management that:
    • saves time,
    • reduces the likelihood of leaving your websites unencrypted, and
    • is a cost-effective solution that won’t burn a hole through your pockets.

Wondering how to get a wildcard certificate for your Exchange 2016 server? The first step after purchasing a wildcard cert is to generate a certificate signing request, or a CSR.

10 Steps for Generating a CSR on Exchange 2016 for a Wildcard Certificate

You can use the Exchange Admin Center (EAC) or the Exchange Management Shell to generate a certificate signing request to obtain your Exchange 2016 wildcard certificate. The first method using EAC is easier to follow for the general audience, so let’s move ahead with that:

Step 1: Access Your Exchange Admin Center

Open a browser and log in to the EAC console after entering your username and password (as shown below).

Access Your Exchange Server Admin

Step 2: Select Your Server

From the left sidebar, select Servers and click on Certificates in the top menu bar. Select your server from the dropdown list on the Certificates page and click on the + symbol.

Select Your Server

Step 3: Create a New Exchange Certificate Request

In the new Exchange certificate wizard that pops up, select Create a request for a certificate from a certification authority and then click on Next.

Enter Your Certificate Name

Step 4: Enter a Friendly Name

In the next screen, enter a friendly name for your certificate that you can use to identify it, and click Next.

Enter Your Certificate Name

Step 5: Select the Option for a Wildcard Certificate

Since we’re requesting an Exchange 2016 wildcard certificate, ensure that the option “Request a wildcard certificate” is selected, and enter the root domain like “”

Enter Your Wildcard Option

Step 6: Select the Server Where You Want to Save the Certificate

Once that’s done, choose the server where you want to save the request and click on Next. This is the server on which you will complete the request later on and install the certificate. Since these certificates come with unlimited server licenses, they can be exported from this server and imported onto others with ease.

Save your certificate

Step 7: Review the Services

The next step that involves specifying the domain names and the services to be included on the certificate can be skipped since we’re using a wildcard certificate.

Review your services

You’re also given the option to edit the domain names on the next screen. If you don’t wish to edit make any changes, move on to the next step.

Enter Your Domain Name

Step 8: Fill in the CSR Details

Enter the CSR details carefully, avoiding any mistakes, and then click on Next.

Fill your CSR details

Step 9: Save the CSR

Enter the path where the CSR for your Exchange 2016 wildcard certificate is to be saved as a “.req” file and click on Finish. Do not skip or ignore this step!

Save Your CSR

Step 10: Generate the Order

Navigate to the universal naming convention (UNC) path (the one starting with double backslashes) in the previous step and open the newly created CSR file using any text editor (such as Notepad). Copy all of its contents, including the following, before sharing it with your CA:


Note: It’s crucial for this information to match the information that was submitted in the CSR process.

Once your order is placed, the CA will process your application based on the validation level of your certificate, issue your SSL, and share it with you. Once you have your wildcard certificate, the next step is to install it on your Exchange 2016 server.

4 Steps for Installing a Wildcard Certificate on Exchange 2016

Once you complete this process, you’ll be ready to access your website and its subdomains over a secure connection.

Step 1: Log in to EAC

Enter your username and password to login to the EAC platform.

Step 2: Navigate to the Certificates Page

Click on Servers on the left sidebar and select Certificates from the top menu bar. You should see your certificate listed by its friendly name with the status as “Pending request.” After selecting it, in the right-hand pane, press the option to “Complete” the pending request.

Navigate your certificate details

Step 3: Enter the Certificate Path to Complete the Pending Request

In the dialogue box that pops up, enter the path of the certificate (the one shared by the CA) to be imported and then select OK.

Complete your pending request

Step 4: Enable Services

Once that’s done, go back to the Certificates page and click on the! symbol (edit button) after selecting your certificate from the list.

Enable your services

Select the services you wish to assign and then click Save.


Your Exchange 2016 wildcard certificate is now installed, and you can access your sites over HTTPS. Use the SSL Checker tool to verify that the installation was completed without any errors.

SSL Certificate for Subdomain – How Do I Get One for My Website?