Continuing the discussion from Setting up LEMP on Ubuntu 18.04 (Fresh Install/Upgrade):
This tutorial requires advanced knowledge of the terminal and full control over your domain.
As of 28/05/2018, we've tested this guide on live installs of 16.04, and this procedure can be used to obtain wildcard certificates on Ubuntu 16.04 and above. Please make sure your Certbot is the latest version.
So you want to generate a wildcard (`*.example.com`) certificate for your domain to enable SSL on all your subdomains by default? Let's get started:
This guide only works with Certbot >= 0.22.0, and the official PPA currently only has v0.23.0 for Ubuntu 18.04.
The process starts with the usual gig of adding the PPA to your Ubuntu server.
Run the following commands:
```
sudo apt update
sudo apt install software-properties-common
sudo add-apt-repository ppa:certbot/certbot
sudo apt update
sudo apt install python-certbot-nginx
```
And then run:
```
# Quote the wildcard name so the shell passes it to certbot unexpanded
sudo certbot --manual --preferred-challenges dns -i nginx -d '*.example.com' -d example.com --server https://acme-v02.api.letsencrypt.org/directory
```
Now Certbot will give you a few instructions. I'll break down what to expect!
- Certbot will ask you to enter an email address (used to send urgent notifications).
- Certbot will ask for your consent to log your IP.
- Certbot will give you 2 DNS TXT records for `_acme-challenge.example.com`. The first is for your `example.com` domain and the second is for `*.example.com`, so create both records in your DNS entries.

After that's done, your wildcard certificate will be issued.
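
Both TXT values live at the same name, so a common failure is overwriting the first record with the second before validation runs. The script below is an added example, not part of the original guide: it checks that every expected value is published on each authoritative nameserver before you let Certbot continue. It assumes `dig` is installed; the function names and the sample values are constructed for illustration.

```shell
#!/bin/sh
# txt_values_present ANSWERS VALUE...
# ANSWERS is the output of `dig +short TXT` (one double-quoted string per line).
# Returns 0 only if every VALUE appears as a complete record.
txt_values_present() {
    answers=$1
    shift
    for token in "$@"; do
        # -x: whole-line match, -F: fixed string, so a longer record
        # that merely contains the value does not count
        printf '%s\n' "$answers" | grep -qxF "\"$token\"" || return 1
    done
    return 0
}

# check_challenge DOMAIN VALUE...
# Asks each authoritative nameserver directly, so a cached answer from a
# recursive resolver cannot hide a missing record.
check_challenge() {
    domain=$1
    shift
    servers=$(dig +short NS "$domain")
    if [ -z "$servers" ]; then
        echo "no nameservers found for $domain" >&2
        return 2
    fi
    for ns in $servers; do
        records=$(dig +short TXT "_acme-challenge.$domain" "@$ns")
        if ! txt_values_present "$records" "$@"; then
            echo "challenge value missing on $ns" >&2
            return 1
        fi
    done
    echo "all values present on all nameservers"
}

# Usage (values are the two strings Certbot printed):
#   check_challenge example.com "FIRST_VALUE" "SECOND_VALUE"
```

Run it in a second terminal after creating the records, and only press Enter in Certbot once it reports success.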