Related

ERR_SSL_PROTOCOL_ERROR - Website not working Question Question
SSL set up gives "redirected you too many times." Question Question

Question

Let's Encrypt wildcard certificates - tutorial

Posted March 14, 2018 10k views
Let's EncryptUbuntu 16.04

Hello,

letsencrypt just announced new wildcard certificate. It would be great create a new tutorial for it.

https://community.letsencrypt.org/t/acme-v2-and-wildcard-certificate-support-is-live/55579

Thank you.

Add a comment
oksim
By:
oksim

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
4 answers
Shelvak June 28, 2018

Hey guys I just created one, so ff you still need that …

  • Get certbot greater than 0.23 (I used 0.25 from docker-hub official certbot)
  • Mount /etc/letsencrypt dir [Only for docker]
  • Run certbot certonly --server https://acme-v02.api.letsencrypt.org/directory --agree-tos --manual --preferred-challenges dns -d 'DOMAIN,*.DOMAIN'
  • You’ll be asked to agree about public IP
  • Certbot will ask you to put TXT dns registries in your DNS. In webroot (for simple domains you have to put a file in your nginx/apache server, but now for wildcards you have to really put TXT dns. like:
  • Type | hostname | token | TTL
  • TXT | _acme-challenge.DOMAIN |90lOhB2V......wqY | 1
  • You have to wait a few seconds (and test with $ nslookup -q=txt _acme-challenge.DOMAIN)
  • Then you just hit enter a few times and you will get your cert :D
  • Enjoy

I hope that micro-guide can help you =)
Cheers

Reply Report
  • zstauber July 5, 2018

    Shelvak, you rock. Certbot with the DO plugins wasn’t doing it. It would work using the –staging option, but when it came time to do a final it would error out and report that it was using the old protocol (that doesn’t do wildcards). But your guide worked like a charm. I had to add two TXT entries for some reason. Maybe I did it wrong the first time. Anyway, now I have a working wildcard cert.

    Reply Report
ryanpq March 14, 2018

We’re very excited about LetsEncrypt and the introduction of wildcard certs is a great new feature! We work with tutorial writers from the community for a lot of our content and now offer both a cash payment for tutorial writers as well as matching that payment with a donation to a tech focused charity of the author’s choice.

Check out our Write for DOnations program here.

Reply Report
nenzo March 14, 2018
[deleted]
Reply Report
acsdo May 1, 2018

Any update on this? Looking for the tutorial.

Reply Report
bledari October 27, 2019

+1

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help