Let's Encrypt wildcard certificates - tutorial

March 14, 2018
Let's Encrypt Ubuntu 16.04

Hello,

letsencrypt just announced a new wildcard certificate. It would be great to create a new tutorial for it.

https://community.letsencrypt.org/t/acme-v2-and-wildcard-certificate-support-is-live/55579

Thank you.

4 Answers

We're very excited about LetsEncrypt and the introduction of wildcard certs is a great new feature! We work with tutorial writers from the community for a lot of our content and now offer both a cash payment for tutorial writers as well as matching that payment with a donation to a tech focused charity of the author's choice.

Check out our Write for DOnations program here.

Hey guys, I just created one, so if you still need that ...

  • Get certbot greater than 0.23 (I used 0.25 from docker-hub official certbot)
  • Mount /etc/letsencrypt dir [Only for docker]
  • Run certbot certonly --server https://acme-v02.api.letsencrypt.org/directory --agree-tos --manual --preferred-challenges dns -d 'DOMAIN,*.DOMAIN'
  • You'll be asked to agree about public IP
  • Certbot will ask you to put TXT DNS records in your DNS. In webroot (for simple domains) you have to put a file in your nginx/apache server, but now for wildcards you really have to put a TXT DNS record, like:
      Type | hostname | token | TTL
      TXT | _acme-challenge.DOMAIN | 90lOhB2V......wqY | 1
  • You have to wait a few seconds (and test with $ nslookup -q=txt _acme-challenge.DOMAIN)
  • Then you just hit enter a few times and you will get your cert :D
  • Enjoy

I hope that micro-guide can help you =)
Cheers

  • Shelvak, you rock. Certbot with the DO plugins wasn't doing it. It would work using the --staging option, but when it came time to do a final it would error out and report that it was using the old protocol (that doesn't do wildcards). But your guide worked like a charm. I had to add two TXT entries for some reason. Maybe I did it wrong the first time. Anyway, now I have a working wildcard cert.

    • Hey Zstauber, yeah I had to put 2 too. I think because of the main AND the wildcard =)
      Happy to help.

      Cheers.
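The propagation check from the answer above, extended to the two-TXT-record case its comments mention, as an added example that is not part of the original posts: requesting `DOMAIN` and `*.DOMAIN` together makes certbot print one challenge value per name, and both must be visible on `_acme-challenge.DOMAIN` before you press Enter. The script assumes `dig` is installed (the answer uses `nslookup`); the function names and all token values are hypothetical and constructed.

```shell
#!/bin/sh
# Added example (not from the original posts). All token values are constructed
# placeholders; use the strings certbot prints during the --manual run.

# Reads `dig +short TXT <name>` output on stdin (one double-quoted string per
# line) and prints every expected value that is not published yet.
# Exit status 0 means all expected values are present.
missing_txt_values() (
    published=$(sed -e 's/^"//' -e 's/"$//')
    status=0
    for value in "$@"; do
        # -F/-x: exact literal line match; -e: values may start with "-".
        if ! printf '%s\n' "$published" | grep -Fxq -e "$value"; then
            printf '%s\n' "$value"
            status=1
        fi
    done
    exit "$status"
)

# Live use (needs dig and network): poll until every value is visible,
# giving up after 30 tries. Run it before pressing Enter in certbot.
wait_for_challenge() (
    name=$1; shift
    tries=0
    until dig +short TXT "$name" | missing_txt_values "$@" >/dev/null; do
        tries=$((tries + 1))
        [ "$tries" -ge 30 ] && exit 1
        sleep 10
    done
)

# Constructed challenge values, one per requested name.
TOKEN_BASE='constructedValueForDOMAIN_0001'
TOKEN_WILD='-constructedValueForWildcard_0002'

# Constructed resolver output: only the first record added, then both.
SAMPLE_ONE='"constructedValueForDOMAIN_0001"'
SAMPLE_BOTH='"constructedValueForDOMAIN_0001"
"-constructedValueForWildcard_0002"'

# Offline demonstration: with one record published the wildcard value is
# reported as missing, which is the state where validation would fail.
printf '%s\n' "$SAMPLE_ONE" | missing_txt_values "$TOKEN_BASE" "$TOKEN_WILD" \
    || echo "^ not published yet: do not press Enter"
```

For a live check, call `wait_for_challenge _acme-challenge.DOMAIN VALUE1 VALUE2` with the two values certbot displays.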

Any update on this? Looking for the tutorial.
