Wildcard SSL with potentially thousands of subdomains

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

I don't know much about how Wildcard SSL works and I wonder if anyone
can enlighten me as to whether it would work in the following very
specific circumstances.

We have a site where a certain class of user can have their own
For example, if you register as Bob Smith, you can create a site called


There will be potentially thousands of these subdomains. Each will have
secure and nonsecure pages. They are not going to have separate IP
addresses, so if the wildcard scheme depends on subdomains having
different IPs, it isn't going to work for us.

Also, if the certificate vendors charge per subdomain, it isn't going
to work for us.

And if the vendor needs to know the names of all the subdomains
beforehand, it isn't going to work for us.

Also, I notice earlier discussions about security risks (man in the
middle attack, etc) with Wildcard SSL. Does the scenario above suggest
any additional security concerns?


Site Timeline