Question

Tutorial for let's encrypt wildcard?

Posted March 14, 2018 26.2k views
Let's Encrypt Ubuntu 16.04


10 answers

This worked for me: https://blogs.msdn.microsoft.com/mihansen/2018/03/15/creating-wildcard-ssl-certificates-with-lets-encrypt/

Pretty simple actually.

sudo certbot certonly --server https://acme-v02.api.letsencrypt.org/directory --manual --preferred-challenges dns -d "*.<your.domain>"

We’ll definitely be covering that topic! Quite a few of us here at DO were very excited to see this release. We’re looking into it now, but we’ll likely not provide a new tutorial until the new certbot version is available in the official PPA. See this convo on the Let’s Encrypt forum for more details:

Any update on this? Looking for the tutorial.

Afaik the certbot-client doesn’t yet support automatic challenges with the dns-digitalocean authenticator. However, the certbot docker container does.

sudo docker run -it --rm --name certbot \
    -v "/etc/letsencrypt:/etc/letsencrypt" \
    -v "/var/lib/letsencrypt:/var/lib/letsencrypt" -v "<path-to-output-directory>:/keys" \
    certbot/dns-digitalocean certonly --server https://acme-v02.api.letsencrypt.org/directory \
    --dns-digitalocean --dns-digitalocean-credentials <path-to-DO-conf.ini> -d "*.yourdomain.tld"

Certbot worked fine for me for multiple wildcard certificates once I specified the --server argument

certbot certonly --server https://acme-v02.api.letsencrypt.org/directory --dns-digitalocean --dns-digitalocean-credentials <PATH_TO_CREDENTIALS.INI> --dns-digitalocean-propagation-seconds 60 -d \*.example.com -d example.com -d \*.example2.com -d example2.com

Hello, I used the above command to create the certificates.

sudo certbot certonly --server https://acme-v02.api.letsencrypt.org/directory \
      --dns-digitalocean --dns-digitalocean-credentials <PATH_TO_CREDENTIALS.INI> \
      --dns-digitalocean-propagation-seconds 60 \
      -d \*.example.com -d example.com -d \*.example2.com -d example2.com

So now for the automatic cron renewal I have 2 questions:

1) Do I use the exact same command in the cron shell renew.sh script?

2) Since I created this from a non-root account, do I need to install the cron job as root, or can I use the same user?

Thanks!
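
Added example, not part of the original posts: the file passed to --dns-digitalocean-credentials holds an API token that can change DNS records, so a renewal job can confirm the file is private before it runs `certbot renew`. The credentials path, the script name and the function names below are assumptions.

```bash
#!/usr/bin/env bash
# Added example: pre-renewal check for the DigitalOcean credentials file.
# Assumed path (hypothetical): /root/.secrets/digitalocean.ini

# Print the octal permission bits of a file (GNU stat, then BSD stat).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Return 0 only if the credentials file is a regular file, is not a symlink,
# grants nothing to group/other, and defines dns_digitalocean_token.
check_creds_file() {
    local f="$1" mode
    if [ -L "$f" ] || [ ! -f "$f" ]; then
        echo "refusing: $f is missing, a symlink, or not a regular file" >&2
        return 1
    fi
    mode="$(file_mode "$f")" || return 1
    # The last two octal digits are group and other; both must be 0.
    case "$mode" in
        *00) ;;
        *) echo "refusing: $f has mode $mode, expected 600 or 400" >&2
           return 1 ;;
    esac
    if ! grep -Eq '^[[:space:]]*dns_digitalocean_token[[:space:]]*=[[:space:]]*[^[:space:]]+' "$f"; then
        echo "refusing: no dns_digitalocean_token entry in $f" >&2
        return 1
    fi
    return 0
}

# Renew only when the token file is locked down. "certbot renew" reuses the
# options saved when each certificate was first issued, so the long
# "certonly" command line is not repeated here.
renew_if_safe() {
    check_creds_file "$1" && certbot renew --quiet
}

# Example root crontab entry (script path is hypothetical):
#   17 3 * * * /usr/local/sbin/le-renew.sh
# where le-renew.sh sources this file and runs:
#   renew_if_safe /root/.secrets/digitalocean.ini
```
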

Hello,

I’m looking forward to this tutorial, too.
Any news?

Thank you,

Any idea when there will be an official DO tutorial? I am having troubles with auto renewals.

I’m interested in a tutorial / guide on this as well. Is there an ETA now that it seems like we’re at certbot >0.22 in the PPA?

Plus for a tutorial, I spent hours before I made it work.
