Branch Subdomain and SSL Certificate

I have a Netlify site here:

I am using Netlify DNS and I enabled branch deploys and am using a different git branch to deploy on the subdomain here:

The SSL certificate works great for the sf-goso domain, but it doesn’t work for the offline-master.sf-goso subdomain and I can’t determine why not.

I did some Googling and think I might need to add a wildcard or new specific DNS record, but I can’t seem to get it to work. Here is a screenshot of the dns records:

Any help is greatly appreciated!

Hi @t9e-syd! Welcome to our Community!

Your DNS set up is perfect. Our system should have issued you a wildcard SSL certificate since you are using Netlify DNS but that had not yet happened. I went it and got that working for you and now is covered by the certificate. And any new subdomains you add should also be covered by that cert automatically.

Please let us know how things are looking on your end now.

Hi @laura,

I’m having a similar issue, where my top level domain ( ssl is working, but not on my subdomain ( Would you mind taking a look?


As far as I can tell, no DNS is configured for that hostname, nor is it applied to a Netlify site, both of which are required for us to get a certificate for it. What site of ours do you intend to show at that hostname, and have you configured it both in DNS and by adding that name to the list of sitenames in your site’s custom domains settings page?

I have a branch subdomain staging and I’ve configured the DNS by following this post.

Is there any way to have that subdomain with https automatically?
I’ve tried adding it to the Custom domains and renewed the certificate but then it seems it sometimes points to the production branch instead of the staging.

The only way, currently, to get the SSL certificate automatically updated to cover the branch subdomain is to use our Managed DNS.

The reason adding the branch subdomain as a “custom domain” isn’t working reliably is because the subdomain becomes an alias for the production version of the site, not the branch version.

If you are using the manual configuration instructions (meaning any DNS service other than Netlify’s), a support ticket is required to extend the SSL certificate.

1 Like

Thanks! Makes sense and I’ll try to use Netlify’s DNS service the next time.

@luke assuming you (as I am) are using the manual configuration, and need to create a support ticket, can that only be done on a paid plan? Or can someone on a free tier do that (if so, how?)

@joewoodhouse, please create a new “topic” (aka post) in the Admin category. If you want to keep the domain name secret (because it is preview/testing or otherwise not ready for the public) then ask for a direct message (DM) in the topic and we’ll exchange information privately that way.

Awesome thanks @luke

@joewoodhouse, I’m running into issues updating the SSL certificate and we’ll have another update here as soon as we know more.