I have an attractive message telling me that it is unfortunately not possible to generate a certificate for multiple subdomains:
Wildcard domains are not supported: *.mynewsiteweb.com
On the other hand it would be possible to generate it one by one for each subdomain.
Is there a better solution? Thank you :)
Certbot has supported wildcards since version 0.22.0 (2018-03-07).
Let's Encrypt does not provide a script for auto-renewing certificates with wildcard subdomains. There's a script, certbot-auto, that can be set up in cron (if using Linux) and that can auto-renew single-domain SSL certificates. The same script can also be used to manually install and renew wildcard subdomains.
Each domain name can have up to 500 subdomains. You can also add multiple levels of subdomains, such as info.blog.yoursite.com. A subdomain can be up to 255 characters long, but if you have multiple levels in your subdomain, each level can only be 63 characters long.
To secure all subdomains of your domain, you will need to get a wildcard certificate.
Prior to support for wildcards I found it necessary to explicitly list each domain on a certificate in the form
… -d example.com -d www.example.com -d blog.example.com -d www.blog.example.com …
(which due to complexities in the odd mix of redirected domains I'm using worked best with the --webroot authentication).
Thanks to Trojan's explanation and documentation here:
https://certbot.eff.org/docs/install.html?highlight=wildcard
I was able to generate wildcard certs that are live now. Unfortunately there is not a plugin for EasyDNS.com yet, so I had to perform manual validation (where Trojan's example saved the day). With this approach I was able to generate a certificate in the form
… -d *.example.com -d example.com -d *.blog.example.com …
Since (for example's sake) blog.example.com was already covered by the *.example.com wildcard, I only had to add the wildcard for *.blog.example.com. In fact certbot would not allow redundancy (complained if I tried to include both *.example.com and www.example.com).
Currently available plug-ins are listed here:
https://certbot.eff.org/docs/using.html#dns-plugins
As of this writing they include these DNS providers:
Perhaps I'll take a peek over the weekend and see how hard it is to write a plug-in for my own DNS provider.
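The overlap described in the answer above can be checked before running certbot. This is an added example, not code from the original post or from certbot: it applies the standard rule that `*` in a certificate name stands for exactly one leftmost label, and the function names and the sample list (built from the example.com names used above) are constructed for illustration.

```python
import shlex

def covers(wildcard: str, name: str) -> bool:
    """True if `wildcard` (e.g. *.example.com) already matches `name`.

    The * replaces exactly one leftmost label, so *.example.com matches
    blog.example.com but neither example.com nor www.blog.example.com.
    """
    if not wildcard.startswith("*.") or name.startswith("*."):
        return False  # only a wildcard can cover, and only a plain name
    base = wildcard[2:].lower().rstrip(".")
    label, sep, rest = name.lower().rstrip(".").partition(".")
    return bool(label) and sep == "." and rest == base

def plan(names):
    """Split requested names into (keep, redundant).

    `redundant` pairs each dropped name with the wildcard that covers it.
    """
    wildcards = [n for n in names if n.startswith("*.")]
    keep, redundant = [], []
    for name in names:
        hit = next((w for w in wildcards if covers(w, name)), None)
        if hit:
            redundant.append((name, hit))
        elif name not in keep:
            keep.append(name)
    return keep, redundant

def d_flags(keep):
    """Render -d arguments, quoting '*' so the shell does not glob it."""
    return " ".join("-d " + shlex.quote(n) for n in keep)

# Constructed sample: the names from the answer above, wildcards included.
REQUESTED = [
    "example.com", "www.example.com", "blog.example.com",
    "www.blog.example.com", "*.example.com", "*.blog.example.com",
]

if __name__ == "__main__":
    keep, redundant = plan(REQUESTED)
    for name, wildcard in redundant:
        print(f"drop {name}: covered by {wildcard}")
    print(d_flags(keep))
```

The bare `example.com` stays in the list because no wildcard matches the apex name, and `*.blog.example.com` stays because `*.example.com` does not reach two labels deep.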
> it is unfortunately not possible to generate a certificate for multiple subdomains
Not true. It is possible to generate a cert for multiple sub-domains. Just include those subdomains in the configuration file by their names:
domains = example.org, www.example.org, sub.example.org, www.sub.example.org
Then run certbot with the configuration file:
certbot-auto -c config.ini
You will have to verify ownership for each domain.
See more about configuration file.