Facebook Pixel

How do I get a wildcard certificate with Let's Encrypt?

Use sudo certbot certonly --manual --preferred-challenges dns -d *.yourdomain.com -d yourdomain.com. This requires DNS-01 challenge you add a TXT record (_acme-challenge) to your DNS. For automation, use the certbot-dns-cloudflare plugin with your Cloudflare API token.

Verify This Answer

Cross-check this information using these trusted sources:

More FAQs in Wildcard SSL and SAN Certificates Securing Multiple Subdomains with One Certificate

A wildcard certificate (*.yourdomain.com) covers a domain and all its first-level subdomains (api, app, admin, www, etc.) with a single certificate. It does NOT cover the root domain (yourdomain.com) unless explicitly included, or second-level subdomains (sub.api.yourdomain.com).

A SAN (Subject Alternative Name) certificate lists multiple specific domains explicitly (yourdomain.com, www.yourdomain.com, api.yourdomain.com). It's more secure than a wildcard but requires re-issuing when adding new subdomains.

Install certbot-dns-cloudflare, create a credentials file with your Cloudflare API token, then run certbot with --dns-cloudflare --dns-cloudflare-credentials. Certbot automatically adds and removes TXT records via the API during renewal.

Still have questions?

Browse all our FAQs or reach out to our support team

Want to upskill yourself?

Our courses are taking a Coffee break, but your curiosity shouldn't. Stay engaged with namastedev linkedin, youtube, discord and other resources while you wait.

0
Please Login.
Please Login.
Please Login.
Please Login.
Please Login.
Please Login.
Please Login.
Please Login.
Please Login.
Please Login.
Please Login.
Please Login.