Create a Let's Encrypt wildcard certificate

Boris HUISGEN

A wildcard certificate is useful for securing several services that use different aliases of the same domain name, as opposed to one certificate per alias. Let’s Encrypt now offers this service for free.

The Let’s Encrypt wildcard certificate is created with the certbot CLI client, which needs to be installed on your distribution:

$ sudo apt install certbot

A working directory must be created to store generated files:

$ mkdir -p ~/certbot/{config,work,logs}
$ cd ~/certbot

To create a certificate, run the following command with your domain name, without any alias:

$ certbot certonly --config-dir config/ --work-dir work/ --logs-dir logs/ \
    --server https://acme-v02.api.letsencrypt.org/directory --manual \
    -d '*.monsite.fr'

The creation process will ask you to add a record to your domain's DNS zone. After this verification, the same command will need to be run again to regenerate the certificate before its expiration date.
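
A wildcard name stands in for exactly one leftmost DNS label, so '*.monsite.fr' covers www.monsite.fr but neither monsite.fr itself nor api.dev.monsite.fr. The script below is an added example, not part of the original post: it lists which service names the requested certificate will not cover (the function names covered_by and uncovered and the host list are hypothetical and constructed for illustration).

```shell
#!/bin/sh
# Added example: check which service names a wildcard certificate name covers.
# A wildcard replaces one leftmost label only (RFC 6125), so the bare domain
# and deeper sub-domains need their own -d entries on the certbot command.

# covered_by PATTERN HOST -> exit status 0 if HOST is covered by PATTERN.
covered_by() {
    pattern=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    host=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
    host=${host%.}                      # ignore a trailing root dot
    case $pattern in
        '*.'*)
            suffix=${pattern#\*}        # e.g. ".monsite.fr"
            case $host in
                *"$suffix") label=${host%"$suffix"} ;;
                *) return 1 ;;          # different parent domain
            esac
            # The wildcard must match one non-empty label without dots.
            [ -n "$label" ] || return 1
            case $label in
                *.*) return 1 ;;
            esac
            return 0
            ;;
        *)
            # Non-wildcard names must match exactly.
            [ "$pattern" = "$host" ]
            ;;
    esac
}

# uncovered PATTERN HOST... -> prints the hosts the certificate will not cover.
uncovered() {
    cert_name=$1; shift
    for h in "$@"; do
        covered_by "$cert_name" "$h" || printf '%s\n' "$h"
    done
}

# Constructed sample inventory of service names for the post's domain.
SAMPLE_HOSTS="www.monsite.fr mail.monsite.fr monsite.fr api.dev.monsite.fr www.monsite.fr.example.net"

# Names printed here need an extra -d entry or a separate certificate.
# shellcheck disable=SC2086
uncovered '*.monsite.fr' $SAMPLE_HOSTS
```

If the bare domain must be served as well, it can be requested in the same certificate by adding a second `-d monsite.fr` to the certbot command.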
