Doh! - I created Domain Instead of *.domain (wildcard)

My domain is: bsi.uk.com

I created an SSL with LE and applied it to my exchange server., IIS and Mail (i think you know where this is going :slight_smile: ).

I need to delete my LE bsi.uk.com certificate and recreate a wildcard *.bsi.uk.com

Some CA's ask you to wait 30 days... - can I delete the certificate and create a wildcard certificate straight away ?

I used win-acme to create the first certificate ?

And a final question: can a wildcard certificate be updated automatically in exchange?

Thank you in advance.

1 Like

You can get the wildcard without deleting your current certificate. The wildcard will include the apex domain only if you ask explicitly.

As for the automatic update, that answer you shall find in the win-acme documentation.

2 Likes

Be sure you understand that the * won't cover the "empty subdomain" (better known as the apex domain).

LE has very lenient issuance limits; Which should allow you to do so.
See: Rate Limits - Let's Encrypt

MS Exchange is NOT an ACME client and won't be able to request LE certificates automatically.
For that you will need to use a Windows ACME client [like the one you listed].

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.