Multiple Wildcard Cert to include Second Level Domains?

Hello, I'm curious about how to get a wildcard cert which would include first and second level wildcard subdomains, as described in this post:

Is there some info on this somewhere?

Thanks!

There is no option to nest wildcards. Only the leftmost element of a label may contain a wildcard.

6 Likes

That thread just imagines using an ACME client and specifying two domain names. Each has to satisfy the DNS Challenge. For example, Certbot might be like:

sudo certbot certonly (options for challenge here) -d *.example.com -d *.example.example.com

If you need an explicit name (such as a registered name like example.com) you list that too. A wildcard cert only covers the level of names it matches.

5 Likes

Maybe one day, in the future, there may exist a "wild²" / multiple wild cert option...
Until then, you can only include one "*" wild entry [and it has to be the first label in the name].

If you knew all the names of the second level [and they were 100 (or less)], you could list them all individually in one single cert.
*.one.example.com
*.two.example.com
...
*.one-hundred.example.com

4 Likes
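The matching rule the replies above describe, as an added example that is not part of any post in this thread: a simplified check, in the style of RFC 6125 hostname matching, of which hostnames a given list of certificate names covers. The function names, the rejection of a bare `*.tld` pattern, and all sample names are assumptions made for illustration.

```python
def wildcard_matches(pattern: str, hostname: str) -> bool:
    """Return True if a certificate dNSName `pattern` covers `hostname`.

    '*' is honoured only as the entire leftmost label and stands for
    exactly one label, so it never reaches deeper or shallower levels.
    """
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if "" in p or "" in h:
        return False                  # empty label: malformed name
    if len(p) != len(h):
        return False                  # a wildcard covers one level only
    if any("*" in label for label in p[1:]):
        return False                  # nested wildcard, e.g. *.*.example.com
    if p[0] == "*":
        # Assumption: require two fixed labels so "*.com" is never accepted.
        return len(p) >= 3 and p[1:] == h[1:]
    if "*" in p[0]:
        return False                  # partial wildcard (f*.example.com) rejected
    return p == h


def uncovered(sans: list[str], hostnames: list[str]) -> list[str]:
    """Hostnames that no entry in the certificate's name list covers."""
    return [name for name in hostnames
            if not any(wildcard_matches(san, name) for san in sans)]


# Constructed sample: the names one certificate might carry, and the
# hostnames an operator wants it to serve.
SAMPLE_SANS = ["example.com", "*.example.com", "*.one.example.com"]
SAMPLE_HOSTS = [
    "example.com",            # explicit name, listed separately
    "www.example.com",        # first level, covered by *.example.com
    "one.example.com",        # also first level
    "api.one.example.com",    # second level, covered by *.one.example.com
    "api.two.example.com",    # second level, no matching wildcard
    "a.b.one.example.com",    # third level, nothing reaches this deep
]

if __name__ == "__main__":
    for name in uncovered(SAMPLE_SANS, SAMPLE_HOSTS):
        print("not covered:", name)
```

Running a planned hostname inventory through a check like this before requesting the certificate shows which second-level wildcards still need to be added as separate names.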
