Let’s Encrypt Wildcard SSL Tutorial

Let’s Encrypt has finally introduced wildcard SSL. For me, the timing couldn’t have been better as I am in the process of developing Homes in Asia - A real estate website builder.

Generating a wildcard SSL certificate is as easy as generating an ordinary one. The only extra step is that you need to set a TXT record in your DNS. The exact value will be provided to you by the client.

If you haven’t already, download and run the certbot-auto application.

#~ wget https://dl.eff.org/certbot-auto
#~ chmod a+x ./certbot-auto
#~ sudo ./certbot-auto

The last step from above will download the application and its dependencies.

Then it is time to generate the SSL certificate. My domain is homesin.asia. To generate the certificate, I ran

#~ sudo ./certbot-auto certonly \
  --server https://acme-v02.api.letsencrypt.org/directory \
  --manual --preferred-challenges dns \
  -d '*.homesin.asia'

This starts a wizard. It will mention that the IP address of the machine will be logged publicly. Once you agree, there will be a couple of ‘yes’/‘no’ questions.

Then it will prompt you to set up a TXT record. How you create it depends on how your domain’s DNS is set up. Make sure you wait until the record is live. You can use a command like dig -t txt _acme-challenge.homesin.asia (the challenge record sits under the _acme-challenge label, as shown in the certbot prompt) to make sure that the TXT record was set before continuing.

If all went well, you will now have an SSL cert generated.

PS: If you are using a DNS service like Google (8.8.8.8), it may take a long time for the propagation to take place.
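For the TXT check and the propagation caveat above, this added example (not part of the original post) asks each authoritative nameserver for the challenge record directly instead of going through a caching resolver. The function names are made up for this sketch, and the expected value is whatever certbot printed.

```shell
#!/usr/bin/env bash
# Added example: confirm the ACME DNS-01 TXT record is served by every
# authoritative nameserver before pressing Enter in the certbot wizard.

# txt_present EXPECTED
# Reads `dig +short` TXT output on stdin (one quoted string per line) and
# succeeds if any record equals EXPECTED exactly. Several records may share
# the name, e.g. when both the wildcard and the bare domain are validated.
txt_present() {
  local expected="$1"
  local line
  while IFS= read -r line; do
    line=${line%\"}; line=${line#\"}      # strip the quotes dig prints
    if [ "$line" = "$expected" ]; then return 0; fi
  done
  return 1
}

# check_challenge DOMAIN EXPECTED
# Looks up the domain's NS set, then queries each nameserver directly for
# _acme-challenge.DOMAIN. Returns 0 only if every nameserver serves EXPECTED.
check_challenge() {
  local domain="$1" expected="$2"
  local name="_acme-challenge.$1"
  local ns missing=0 seen=0
  for ns in $(dig +short NS "$domain"); do
    seen=1
    if dig +short TXT "$name" "@$ns" | txt_present "$expected"; then
      echo "ok      $ns"
    else
      echo "missing $ns"
      missing=1
    fi
  done
  # No NS records at all counts as a failure, not as success.
  [ "$seen" -eq 1 ] && [ "$missing" -eq 0 ]
}

# Usage (placeholder value; paste the one certbot printed):
#   check_challenge homesin.asia 'VALUE-FROM-CERTBOT' && echo "safe to continue"
```

If any nameserver reports "missing", wait and run the check again before continuing in the wizard.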