Add wildcard to base domain certificate

kcris · July 10, 2019, 9:09am

Hello,

I have created a cert for my base domain about two years ago, without wildcard support, like this

sudo certbot --authenticator webroot --installer apache
sudo certbot renew --dry-run

Everything works, cert is updated. I would like to add wildcard/subdomains support in the same cert file (to cover both the base domain and the wildcard).

Is this possible? How?
Assuming I find an answer for #1, what do I have to do to keep having automatic renewal for the modified certificate?

thanks a lot

JuergenAuer · July 10, 2019, 9:17am

Hi @kcris

please read

If you want to create a wildcard certificate, dns-01 validation is required.

So your dns provider should support an API. And there should be a plugin you can use.

Perhaps check acme.sh.

kcris · July 10, 2019, 9:37am

Hi, thanks for your answer!

I think I am out of luck, since I have a ‘freenom’ domain which is not in that list of supported providers (for dns challenges).

Thanks for pointing that out!

Thanks
Chris

Nekit · July 10, 2019, 10:43am

You can still use other providers for dns, the most common free recommendation is Cloudflare.

kcris · July 10, 2019, 11:15am

Hi,

interesting idea, so what you’re saying is that I could ask freenom (via a NS record) to use cloudflare servers for dns and then I could use acme.sh to do the dns challenge (cloudflare being supported) - and this way I’d be able to get my wildcard

did I got it correctly?

thanks

Nekit · July 10, 2019, 1:27pm

Exactly right! This is how I do it.

system · August 9, 2019, 1:27pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.