Previously, I got an SSL certificate from Let’s Encrypt. Now, I will try to get a wildcard certificate.

I already installed certbot with yum. Run the following command.

certbot certonly --manual -d '*.susfour.net' -m <mail address> --agree-tos --manual-public-ip-logging-ok --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory

Waiting for a while…

-------------------------------------------------------------------------------
Please deploy a DNS TXT record under the name
_acme-challenge.susfour.net with the following value:

Gp5IOeuoK2YLo0pw1yT5TJ66sEq6L3zD6vaUVsz50H0

Before continuing, verify the record is deployed.
-------------------------------------------------------------------------------

The above message was shown, and I set the value on the DNS server. I use Muumuu Domain and entered the value as follows.

After setting the value, press Enter. After a while, “Congratulations!” was shown and I was able to get the SSL certificate.

Very easy!

However, a wildcard certificate does not apply to the domain itself (if we get a certificate for “*.susfour.net”, https://susfour.net/ is excluded; only subdomains are covered).
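The coverage rule above can be checked before issuing, to decide which -d names to request (certbot accepts several -d options in one command). The script below is an added example, not part of the original post: it applies the usual matching rule, where "*" stands for exactly one left-most label, and ignores partial wildcards and internationalized names. The hostnames www.susfour.net and a.b.susfour.net are constructed samples.

```shell
#!/bin/sh
# Added example (not from the original post): which hostnames does a
# certificate name cover? A wildcard matches exactly one left-most label.

# cert_covers NAME HOST: succeed if certificate name NAME covers HOST.
cert_covers() {
    name=$(printf '%s' "$1" | tr 'A-Z' 'a-z')   # DNS names are case-insensitive
    host=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
    case "$name" in
        '*.'*)
            base=${name#'*.'}                    # e.g. "susfour.net"
            case "$host" in
                *."$base") label=${host%".$base"} ;;  # part left of the base
                *) return 1 ;;                   # base domain itself, or unrelated
            esac
            # The wildcard stands for one non-empty label: no dots, no "*".
            case "$label" in
                ''|*.*|*'*'*) return 1 ;;
            esac
            return 0 ;;
        *)
            [ "$name" = "$host" ] ;;             # plain names must match exactly
    esac
}

# covered_by HOST NAME...: succeed if any listed certificate name covers HOST.
covered_by() {
    h=$1; shift
    for n in "$@"; do
        cert_covers "$n" "$h" && return 0
    done
    return 1
}

# Constructed sample hosts: compare a wildcard-only certificate with one
# that also lists the base domain.
for target in susfour.net www.susfour.net a.b.susfour.net; do
    if covered_by "$target" '*.susfour.net'; then w=yes; else w=no; fi
    if covered_by "$target" '*.susfour.net' susfour.net; then b=yes; else b=no; fi
    printf '%-18s wildcard only: %-3s  wildcard + base: %s\n' "$target" "$w" "$b"
done
```

Listing the base domain next to the wildcard covers https://susfour.net/ as well; a name two levels deep, such as a.b.susfour.net, is still not covered by either entry.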

We cannot use “certbot renew” to update this certificate, because it was issued in manual mode without an authentication hook script.

(Reference)

https://qiita.com/chamaharun/items/566c78bb8a13b4c2bc16
