Wildcard certicate poorly supported

barf7709 · January 27, 2023, 4:22am

No you need to do it this way.

DNS-01 challenge

This challenge asks you to prove that you control the DNS for your domain name by putting a specific value in a TXT record under that domain name. It is harder to configure than HTTP-01, but can work in scenarios that HTTP-01 can’t. It also allows you to issue wildcard certificates. After Let’s Encrypt gives your ACME client a token, your client will create a TXT record derived from that token and your account key, and put that record at _acme-challenge.<YOUR_DOMAIN>. Then Let’s Encrypt will query the DNS system for that record. If it finds a match, you can proceed to issue a certificate!

And for deep details look at RFC 8555: Automatic Certificate Management Environment (ACME)

Topic		Replies	Views
Wildcard certificate renewal fails for some domains Help	12	1673	September 11, 2022
Autorenewal of --manual certificates (dns-challenge) Help	19	19906	May 19, 2022
Must I use one of the listed DNS providers to get Wildcard certificates? Help	4	3397	June 1, 2018
Certificate issue error Help	6	871	May 5, 2021
Problem with renew wildcard certificate Help	2	2289	June 16, 2018

Wildcard certicate poorly supported

DNS-01 challenge

Related topics