I created a cert for my base domain about two years ago, without wildcard support, like this:
sudo certbot --authenticator webroot --installer apache
sudo certbot renew --dry-run
Everything works, cert is updated. I would like to add wildcard/subdomains support in the same cert file (to cover both the base domain and the wildcard).
Is this possible? How?
Assuming I find an answer for #1, what do I have to do to keep having automatic renewal for the modified certificate?
Thanks a lot.
When you get a certificate from Let’s Encrypt, our servers validate that you control the domain names in that certificate using “challenges,” as defined by the ACME standard. Most of the time, this validation is handled automatically by your ACME...
If you want to create a wildcard certificate, dns-01 validation is required.
So your dns provider should support an API. And there should be a plugin you can use.
Perhaps check acme.sh.
Hi, thanks for your answer!
I think I am out of luck, since I have a ‘freenom’ domain which is not in that list of supported providers (for dns challenges).
Thanks for pointing that out!
You can still use other providers for dns, the most common free recommendation is Cloudflare.
Interesting idea, so what you’re saying is that I could ask freenom (via a NS record) to use Cloudflare servers for DNS and then I could use acme.sh to do the DNS challenge (Cloudflare being supported), and this way I’d be able to get my wildcard.
Did I get it correctly?
Exactly right! This is how I do it.