Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know):
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
dear all i need to install ssl for the myserver let’s say name is temp.example.com
and i use wild card also domain name from godaddy what the right command should i use
to get cerf for this domain and all subdomain from it
This support is mostely run by volunteers. You’ve waited a whole hour. Also, your post isn’t really that helpful: none of the questions which are required to receive help have been answered.
Therefore, I’m enclined to guess there’s a few more hours to wait until someone has patience enough to help you with your very concise question.
i already run sudo certbot --server https://acme-v02.api.letsencrypt.org/directory -d temp.mydomain.com -d *.temp.mydomain.com --manual --preferred-challenges dns-01 certonly
i got txt to add in dns i do use godaddy get domain name and dns
so should i add txt record for every subdomain so what is the benefit of wildcard
Yes, currently (and I don't know if that's going to change) Let's Encrypt or certbot can't "mix" challenges. So if you need the dns-01 challenge for a wildcard certificate, then all hostnames must be validated by the dns-01 challenges. And for every hostname a separate TXT record is required.
The wildcard certificate is beneficial for the management of multiple domains in your webserver. With a wildcard certificate, you can make use of thousands of different labels without the need of getting a new certificate for every new hostname.
So if you have a certificate with *.example.com for just www.example.com, but you need a new website foo.example.com and perhaps later also bar.example.com, you can just use that single wildcard certificate for all those hostnames. Note: the wildcard hostname *.example.com would not cover foo.temp.example.com, as the wildcard is only valid for a single DNS label. You'd need the wildcard hostname *.temp.example.com for hostnames like foo.temp.example.com and bar.temp.example.com. Note 2: the wildcard hostname is also not valid for the "base" hostname example.com, so like you did correctly, you'd need to add *.example.com and example.com to the same certificate, requiring two TXT records indeed.
Using a TXT record is a policy requirement from the Let’s Encrypt CA in order to get a wildcard certificate. There is no way to get a Let’s Encrypt wildcard certificate without using the DNS-01 method (creating a TXT record in your DNS zone).