I’m writing a guide (in Italian) about “how to get wildcard certificates with Let’s Encrypt”.
I’m using certbot 0.26.1.
I successfully got a wildcard certificate with
certbot --email email@example.com --agree-tos --manual-public-ip-logging-ok certonly --manual --preferred-challenges dns -d 'miosito.com,*.miosito.com'. Easy peasy.
Now I’m trying to understand how the renewal will work. I found conflicting messages around: someone (and the output of the command itself) says that the standard
letsencrypt-auto renew will work as usual, someone else says that this won’t work due to
--preferred-challenges dns needing a specific API DNS-side.
I suppose that, if the DNS TXT codes being generated by the renewal are the same, the renewal will work. If the renewal generates new DNS TXT codes, this can’t work.
What should I expect?