Certbot / Let’s Encrypt Wildcard Certificates – Ubuntu 17.xx


Wildcard is supported as of Certbot 0.22.2

Currently, version 0.22.2 is only available on the Ubuntu 17.xx repository. Other Linux distributions may differ of course. If you currently have Certbot installed under 17.xx you may wish to “certbot delete” and “apt purge” it first. In other words you should probably start over.

Install Certbot:

[prism:bash]sudo apt-get update
sudo apt-get install software-properties-common
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install certbot
[/prism:bash]

Certbot should now be at version 0.22.2 or greater:

[prism:bash]$ certbot –version
certbot 0.22.2[/prism:bash]

Edit this file to use new/proper version of LetsEncrypt (ACME v02):

[prism:bash]sudo nano /etc/letsencrypt/cli.ini
[/prism:bash]

Add this line at end:

[prism:bash]server = https://acme-v02.api.letsencrypt.org/directory[/prism:bash]

Update this line to your domain and execute:

[prism:bash]sudo certbot –agree-tos –manual –preferred-challenges dns certonly -d *.domain.tld[/prism:bash]

At this point, just follow the prompts.
When it prompts for you to add a DNS TXT record, you will need to do that. As far as I know, other validation/plugins do not support newest LE (yet).

Leave a Reply

Your email address will not be published. Required fields are marked *