Wildcard support DNs txt verification for al subdomains?


I have a question regarding generating a wildcard ssl certificate through Let’s Encrypt.

If i want to generate a wildcard certificate for “*.example.com”, do i need to do a txt dns verification for every subdomain that uses the certificate?

For example:
pc1.example.com -> txt verification?
pc2.example.com -> txt verification?
pc3.example.com -> txt verification?

It is not really clear to me how this part works.

My domain is: *.example.com

My web server is (include version): IIS 8.5

The operating system my web server runs on is (include version):Windows Server 2012 R2

My hosting provider, if applicable, is: Perrit is hosting the actual domain that i want to request the wildcard certificate for.

I can login to a root shell on my machine (yes or no, or I don’t know): I have access to the windows server that has the IIS binding for the domain.

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Domain hosting is external(Perrit), don’t have access to that. For the txt verification i need to contact them.

Kinds regards,


To validate the wildcard *.example.com, you use a TXT record for _acme-challenge.example.com.

1 Like

Thank you for the quick answer.
To make sure i understand correctly, the subdomains that will use the certificate don’t need to be validated through the TXT record?

Correct. That's how a wildcard certificate works.

If you wanted a non-wildcard certificate for those 3 names, that would be a different matter.

1 Like

Ok thats great to hear!
Thank you!

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.