Question about subdomain certificates

Hello… happy to report everything is working great I have a certificate for my domain, one for access via remote desktop, one for a mail server and now I need a couple of subdomains.

I can request them individually but I was thinking a wildcard certificate might be a better solution. A) Is this correct? and B) Do I just add the *.mydomain.com option to my existing certificate?

I’m registered with Cloudflare and the subdomains will be pass-thru if that matters.

And finally (if the wildcard is the way to go) can I use it in place of the the individualized ones I currently have like mail.mydomain.com?

Thanks.

Yes you can just use a wildcard for your own convenience and apply it as you need to various services, however to get a wildcard cert you have to use DNS validation instead of the default http validation, so whether you can easily do that will depend on whether you are using a supported DNS provider.

You can’t mix wildcards and labels in the same cert e.g. *.domain.co. and mail.domain.com