How do I set up a wildcard certificate without using the manual flag?

HartleySan · June 8, 2022, 12:46pm

For my domain, mamacafejapan.com, I set up a wildcard certificate using the following command on an AWS EC2 instance (Amazon Linux 2 AMI) running an Apache web server (version 2.4.52) and using Certbot version 1.11.0:

sudo certbot -d mamacafejapan.com -d *.mamacafejapan.com --manual --preferred-challenges dns certonly

As part of the process, I added DNS TXT records from my Google Domains control panel to handle the challenges.

The wildcard cert works correctly, but I later discovered that if you use the --manual flag, then you can't automatically renew the certificate, which makes things inconvenient.

How can I set up a wildcard certificate without using the --manual flag so that I can auto-renew the certificate? Thank you.

MikeMcQ · June 8, 2022, 1:56pm

I have not used the google domains DNS plug-in myself but does this help?
https://certbot-dns-google.readthedocs.io/en/stable/#welcome-to-certbot-dns-google-s-documentation

rmbolger · June 8, 2022, 2:20pm

Just an FYI, there's a distinction between Google Cloud DNS and DNS hosted via Google Domains. The plugin @MikeMcQ linked is for the former and will not work with Google Domains. My understanding is that there is no API to manipulate records in DNS hosted by Google Domains.

MikeMcQ · June 8, 2022, 2:27pm

Thanks for correction.

Osiris · June 8, 2022, 3:22pm

Alternatively you could run a service such as acme-dns and set up the appropriate CNAME in Google Domains just once.

system · July 8, 2022, 3:22pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.