Obtaining and Installing a Wildcard Server Certificate (IIS 6.0)
A wildcard server certificate works with many SSL sites, because a wildcard (*) is used to stand for the host header name for each of the sites. All SSL-enabled Web sites that use the same IP/port binding and are distinguished only by their host header names must use the same wildcard server certificate.
Not all Certification Authorities (CAs) issue wildcard certificates.
You must be a member of the Administrators group on the local computer to perform the following procedure or procedures. As a security best practice, log on to your computer by using an account that is not in the Administrators group, and then use the runas command to run IIS Manager as an administrator. At a command prompt, type runas /user:Administrative_AccountName "mmc %systemroot%\system32\inetsrv\iis.msc".
To obtain a wildcard server certificate
After you receive the wildcard server certificate from the Certification Authority (CA), assign the certificate on all Web sites that have the same IP/port binding and are distinguished only by host header name.