diff --git a/examples/complete-alb/README.md b/examples/complete-alb/README.md
index 56e70dd..4cc0e1f 100644
--- a/examples/complete-alb/README.md
+++ b/examples/complete-alb/README.md
@@ -42,6 +42,7 @@ Note that this example may create resources which cost money. Run `terraform des
 | <a name="module_lambda_without_allowed_triggers"></a> [lambda\_without\_allowed\_triggers](#module\_lambda\_without\_allowed\_triggers) | terraform-aws-modules/lambda/aws | ~> 3.0 |
 | <a name="module_lb_disabled"></a> [lb\_disabled](#module\_lb\_disabled) | ../../ | n/a |
 | <a name="module_security_group"></a> [security\_group](#module\_security\_group) | terraform-aws-modules/security-group/aws | ~> 4.0 |
+| <a name="module_wildcard_cert"></a> [wildcard\_cert](#module\_wildcard\_cert) | terraform-aws-modules/acm/aws | ~> 3.0 |
 
 ## Resources
 
diff --git a/examples/complete-alb/main.tf b/examples/complete-alb/main.tf
index 54814a8..d7b2317 100644
--- a/examples/complete-alb/main.tf
+++ b/examples/complete-alb/main.tf
@@ -59,6 +59,14 @@ module "acm" {
   zone_id     = data.aws_route53_zone.this.id
 }
 
+module "wildcard_cert" {
+  source  = "terraform-aws-modules/acm/aws"
+  version = "~> 3.0"
+
+  domain_name = "*.${local.domain_name}" # trimsuffix(data.aws_route53_zone.this.name, ".")
+  zone_id     = data.aws_route53_zone.this.id
+}
+
 ##################################################################
 # AWS Cognito User Pool
 ##################################################################
@@ -178,6 +186,13 @@ module "alb" {
     },
   ]
 
+  extra_ssl_certs = [
+    {
+      https_listener_index = 0
+      certificate_arn      = module.wildcard_cert.acm_certificate_arn
+    }
+  ]
+
   https_listener_rules = [
     {
       https_listener_index = 0