just change out app_name for your purposes
openssl genrsa 2048 > app_name-wildcard.key
openssl req -new -x509 -nodes -sha1 -days 3650 -key app_name-wildcard.key > app_name-wildcard.cert
# Common Name (eg, your name or your server's hostname) []:*.app_name.com
openssl x509 -noout -fingerprint -text < app_name-wildcard.cert > app_name-wildcard.info
cat app_name-wildcard.cert app_name-wildcard.key > app_name-wildcard.pem
chmod 644 app_name-wildcard.key app_name-wildcard.pem
example nginx conf below
# SSL
server {
listen 443;
server_name *.app_name.com;
ssl on;
ssl_certificate /etc/nginx/ssl/app_name-wildcard.pem;
ssl_certificate_key /etc/nginx/ssl/app_name-wildcard.key;
ssl_session_timeout 5m;
}
what if I want naked and wildcard domain?