Certbot authenticator error with webroot setting

Question

I am trying to obtain an SSL certificate with certbot and the --webroot setting. My current command is:

sudo certbot certonly --webroot -w <path> -d <URL> -d <*.URL>

Every time I run the command I get this error:

Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. You may need to use an authenticator plugin that can do challenges over DNS.
Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. You may need to use an authenticator plugin that can do challenges over DNS.

I tried every similar command I found. Please share some help.

I am using ubuntu 18 with the newest certbot version. I also tried certbot-auto

Answer 1

I figured it out: with the http verification (webroot) it is not possible to obtain wildcards (<*.url>).

But it is possible with a DNS challenge (Reference).

Here is an example command for a manual / DNS challenge wildcard certifiat request:

sudo certbot certonly --manual -d *.<domain> -d <domain> --agree-tos --no-bootstrap --manual-public-ip-logging-ok --preferred-challenges dns-01 --server acme-v02.api.letsencrypt.org/directory