Let's Encrypt Wildcard SSL Tutorial
18 Mar 2018
Let's Encrypt has finally introduced wildcard SSL certificates. For me, the timing couldn't have been better, as I am in the process of developing Homes in Asia, a real estate website builder.
Generating a wildcard SSL certificate is as easy as generating an ordinary one. The only extra step is that you need to set a TXT record in your DNS. The exact value to put in that record will be given to you by the certbot client.
If you haven't already, download and run the certbot-auto application.
#~ wget https://dl.eff.org/certbot-auto
#~ chmod a+x ./certbot-auto
#~ sudo ./certbot-auto
The last step from above will download the application and its dependencies.
Then it is time to generate the SSL certificate. My domain is homesin.asia. To generate the certificate, I ran
#~ sudo ./certbot-auto certonly \
     --server https://acme-v02.api.letsencrypt.org/directory \
     --manual --preferred-challenges dns \
     -d '*.homesin.asia'
This starts a wizard. It will mention that the IP address of the machine will be logged publicly. Once you agree, there will be a couple of yes/no questions.
Then it will prompt you to set up a TXT record. certbot prints the record name, _acme-challenge.homesin.asia, together with the value to store in it. How you create this TXT record depends on how your domain's DNS is set up. Make sure you wait until the record is published. You can use a command like
#~ dig -t txt _acme-challenge.homesin.asia
to make sure that the TXT record was set before continuing.
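An added example (not from the original post): a POSIX shell helper for the waiting step, which checks every authoritative nameserver for the challenge value before you continue in certbot. The function names and arguments are illustrative; it assumes dig is installed and that you pass in the value certbot printed.

```shell
#!/bin/sh
# Added example, not part of the original tutorial. Function names are illustrative.

# Map a certificate name to the TXT record name used for DNS validation.
# "*.homesin.asia" and "homesin.asia" both validate at _acme-challenge.homesin.asia.
challenge_name() {
    case $1 in
        '*.'*) base=${1#??} ;;   # strip the leading "*."
        *)     base=$1 ;;
    esac
    printf '_acme-challenge.%s\n' "$base"
}

# Succeed if `dig +short` TXT output ($1) contains exactly the expected value ($2).
# dig prints one double-quoted string per record; the name may hold several values.
txt_has_value() {
    printf '%s\n' "$1" | tr -d '"' | grep -Fxq -- "$2"
}

# Poll all authoritative nameservers of the zone until each one serves the value.
# usage: wait_for_txt ZONE CERT_NAME VALUE [tries] [delay_seconds]
# Returns 0 when every server has it, 1 on timeout, 2 if no NS records are found.
wait_for_txt() {
    zone=$1; name=$(challenge_name "$2"); value=$3
    tries=${4:-30}; delay=${5:-10}
    servers=$(dig +short NS "$zone")
    [ -n "$servers" ] || { echo "no NS records for $zone" >&2; return 2; }
    while [ "$tries" -gt 0 ]; do
        missing=0
        for ns in $servers; do
            # Ask the authoritative server directly, bypassing resolver caches.
            out=$(dig +short TXT "$name" "@$ns")
            txt_has_value "$out" "$value" || missing=$((missing + 1))
        done
        [ "$missing" -eq 0 ] && return 0
        echo "$name: $missing server(s) not updated yet" >&2
        tries=$((tries - 1))
        sleep "$delay"
    done
    return 1
}
```

After sourcing the file, run `wait_for_txt homesin.asia '*.homesin.asia' VALUE` with the value from the certbot prompt, and press Enter in certbot only once it returns 0.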
If all went well, you will now have an SSL cert generated.
PS: If you are using a DNS service like Google (220.127.116.11), it may take a long time for the propagation to take place.