From d93181d5e7eae30b8ab2bba634b3e0a09c2dfe19 Mon Sep 17 00:00:00 2001
From: Brody Over <10548119+brody192@users.noreply.github.com>
Date: Tue, 17 Dec 2024 15:18:50 -0500
Subject: [PATCH] Update wildcard info (#636)

* update docs

* Update public-networking.md

* Update public-networking.md
---
 src/docs/guides/public-networking.md | 34 ++++++++++++++++++++++++----
 1 file changed, 30 insertions(+), 4 deletions(-)

diff --git a/src/docs/guides/public-networking.md b/src/docs/guides/public-networking.md
index 648664c79..8f1948b14 100644
--- a/src/docs/guides/public-networking.md
+++ b/src/docs/guides/public-networking.md
@@ -93,11 +93,37 @@ Note that changes to DNS settings may take up to 72 hours to propagate worldwide
 
 ## Wildcard Domains
 
-Wildcard domains allow for flexible subdomain management.  There are a few important things to know when using them:
+Wildcard domains allow for flexible subdomain management. There are a few important things to know when using them -
 
-1. Ensure that the CNAME record for `authorize.railwaydns.net` is not proxied by your provider (eg: Cloudflare). This is required for the verification process to work.
-2. Wildcards can be used for any subdomain level (e.g., `*.yourdomain.com` or `*.subdomain.yourdomain.com`).
-3. Wildcards cannot be nested (e.g., \*.\*.yourdomain.com).
+- Ensure that the CNAME record for `authorize.railwaydns.net` is not proxied by your provider (eg: Cloudflare). This is required for the verification process to work.
+
+- Wildcards cannot be nested (e.g., \*.\*.yourdomain.com).
+
+- Wildcards can be used for any subdomain level (e.g., `*.example.com` or `*.subdomain.example.com`).
+
+### Subdomains
+
+E.g. `*.example.com`
+
+- Make sure [Universal SSL is enabled](https://developers.cloudflare.com/ssl/edge-certificates/universal-ssl/enable-universal-ssl/).
+
+- Enable [Full SSL/TLS encryption](https://developers.cloudflare.com/ssl/troubleshooting/too-many-redirects/#full-or-full-strict-encryption-mode).
+
+- Add CNAME records for the wildcard subdomain.
+
+### Nested Subdomains
+
+E.g. `*.nested.example.com`
+
+- [Disable Universal SSL](https://developers.cloudflare.com/ssl/edge-certificates/universal-ssl/disable-universal-ssl/).
+
+- Purchase Cloudflare's [Advanced Certificate Manager](https://developers.cloudflare.com/ssl/edge-certificates/advanced-certificate-manager/).
+
+- Enable [Edge Certificates](https://developers.cloudflare.com/ssl/edge-certificates/).
+
+- Enable [Full SSL/TLS encryption](https://developers.cloudflare.com/ssl/troubleshooting/too-many-redirects/#full-or-full-strict-encryption-mode).
+
+- Add CNAME records for the wildcard nested subdomain.
 
 When you add a wildcard domain, you will be provided with two domains for which you should add two CNAME records -