Wildcard certificate not supported in first party implementation

Adobe Analytics does not support wildcard certificates in first party implementation due to security vulnerabilities affecting other subdomains.

Adobe no longer support wildcard certificates, this is due to security vulnerability which has been identified with wild-card certificate, where certificate for the root domain (wild-card "*") could affect other subdomains in the case of vulnerability. As per security measure, Wild-card certificates are no longer supported for First party Implementation.

Identify and share SAN certificate for active Wild-card setups.

If wildcard setup is in use, then both primary and secondary domains have different secure and non-secure tracking server deployed under s.trackingServer and s.trackingServerSecure, within the deployed implementation code or in DTM property.

An example

Consider a primary and a subdomain using wildcard fpssl setup.

Primary domain is www.example.com. Tracking server used: secure.example.com and non-secure.example.com.
Subdomain is www.store.example.com. Tracking server used: secure.store.example.com and non-secure.store.example.com.

Previously, all the tracking servers were covered under wild-card certificate for *.example.com domain.

Customers are now requested to use SAN certificate by listing both the secure tracking servers that are in use for primary and subdomain site implementation. Now SAN certificate covers the following subdomains:

secure.example.com
secure.store.example.com

Twitter™ and Facebook posts are not covered under the terms of Creative Commons.

Legal Notices | Online Privacy Policy

Wildcard certificate not supported in first party implementation

Ask the Community

Contact Us