Adobe Analytics does not support wildcard certificates in first party implementation due to security vulnerabilities affecting other subdomains.

Adobe no longer support wildcard certificates, this is due to security vulnerability which has been identified with wild-card certificate, where certificate for the root domain (wild-card "*") could affect other subdomains in the case of vulnerability. As per security measure, Wild-card certificates are no longer supported for First party Implementation.

Identify and share SAN certificate for active Wild-card setups.

If wildcard setup is in use, then both primary and secondary domains have different secure and non-secure tracking server deployed under s.trackingServer and s.trackingServerSecure, within the deployed implementation code or in DTM property.

An example

Consider a primary and a subdomain using wildcard fpssl setup.

  • Primary domain is Tracking server used: and
  • Subdomain is Tracking server used: and

Previously, all the tracking servers were covered under wild-card certificate for * domain.

Customers are now requested to use SAN certificate by listing both the secure tracking servers that are in use for primary and subdomain site implementation. Now SAN certificate covers the following subdomains:


Additional resources