Generating your first Wildcard SSL Certificate via Certbot/Let's Encrypt
-
What if I currently have a single domain SSL Certificate issued by certbot/Let's Encrypt and now I want the wildcard SSL?
-
@stephanbarker you can try this script
https://github.com/Neilpang/acme.sh
-
The need of a manual renewal after (less than) 3 months is annoying. For some domain name service providers (e.g. Cloudflare) automatic renewal is possible by using special plugins. On a server with root access there is another possibility: Install a small domain name server (I recommend yadifa) on this server, delegate the subdomain „_acme-challenge“ of your domain to this server and add a small bash script which will make the necessary DNS updates when you run certbot. On https://github.com/hatzfeld/certbot-local-dns I explain how to do this.
-
Thanks for the tip -- yes, having to manually do this every 3 months is quite annoying, although at this time, the various DNS plugins are immature and are not easily installable without compilation, hence I have not included their usage in the blog post.
Once they are bundled in Let's Encrypt proper, then I will publish another blog post with updates.
-
If you set up nginx correctly, you can have autorenewal just fine.
-
Oh wildcard certs, I'm not sure
-
I just renewed one of my wildcards. You indeed need to use DNS and the TXT records need to change every time. You would need to use a script to set the TXT records for auto-renew.
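-
An added example, not part of any post above and not the code from the linked repositories: a hook script of the kind the comments describe, which sets and removes the `_acme-challenge` TXT record so that `certbot renew` can run unattended. It assumes a local name server that accepts RFC 2136 dynamic updates via `nsupdate`; the key file path and the `build_update` helper are hypothetical names.

```shell
#!/usr/bin/env bash
# Added example: one script used as certbot --manual-auth-hook and
# --manual-cleanup-hook for the DNS-01 challenge.
# Assumptions (not from the thread): the local name server accepts RFC 2136
# dynamic updates on 127.0.0.1, and the TSIG key at the hypothetical path
# below may update only the _acme-challenge name.
DNS_SERVER="${DNS_SERVER:-127.0.0.1}"
TSIG_KEYFILE="${TSIG_KEYFILE:-/etc/letsencrypt/acme-tsig.key}"
TTL=60

# build_update <add|delete> <domain> <validation>: print an nsupdate batch.
build_update() {
    local action domain token name line
    action="$1"
    domain="${2#\*.}"   # drop a leading "*." if one is passed in
    token="$3"
    # Accept only host-name and base64url characters, so a malformed value
    # cannot smuggle extra commands into the nsupdate batch.
    case "$domain" in ''|*[!A-Za-z0-9.-]*) return 1 ;; esac
    case "$token" in ''|*[!A-Za-z0-9_-]*) return 1 ;; esac
    name="_acme-challenge.${domain}."
    case "$action" in
        # Add without deleting first: a certificate for example.com plus
        # *.example.com needs two TXT values on this name at the same time.
        add)    line="update add ${name} ${TTL} TXT \"${token}\"" ;;
        # Remove only this value and leave any other challenge in place.
        delete) line="update delete ${name} TXT \"${token}\"" ;;
        *)      return 1 ;;
    esac
    printf '%s\n' "server ${DNS_SERVER}" "$line" "send"
}

# Certbot exports CERTBOT_DOMAIN and CERTBOT_VALIDATION to its hooks.
# Install the file twice (or symlink it) with "cleanup" in the second name.
if [ -n "${CERTBOT_DOMAIN:-}" ] && [ -n "${CERTBOT_VALIDATION:-}" ]; then
    case "$0" in *cleanup*) action=delete ;; *) action=add ;; esac
    # Build first, so a rejected value fails the hook instead of sending
    # an empty batch.
    batch=$(build_update "$action" "$CERTBOT_DOMAIN" "$CERTBOT_VALIDATION") || exit 1
    printf '%s\n' "$batch" | nsupdate -k "$TSIG_KEYFILE"
fi
```

Pass the two installed copies to certbot with `--manual --preferred-challenges dns --manual-auth-hook <auth path> --manual-cleanup-hook <cleanup path>`; certbot stores the hooks in the renewal configuration, so later `certbot renew` runs reuse them. Keep the TSIG key file readable by root only, since anyone holding it can answer DNS-01 challenges for the domain.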