Generate free letsencrypt wildcard SSL certificate

In this blog, I will cover, how to generate a wildcard SSL certificate for your domain using letsencrpt. I am generating a certificate for the domain example.com

Pre-Requisites

Let’s install a few packages and keep our ubuntu machine ready

snap install core; sudo snap refresh core
snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot

After setting up the pre-requisites, we are ready to generate our free wild card SSL certificate.

certbot certonly --manual --preferred-challenges=dns --email <emai> --server https://acme-v02.api.letsencrypt.org/directory -d *.example.com

You will get information as below.

Please deploy a DNS TXT record under the name:
_acme-challenge.example.com.
with the following value:
qQ_dcaj-oUQGdmFJpR4obGEWKlmdq5uO3MYTfKg2Gao

Let’s create a domain TXT record as information and validate our domain ownership.
TXT Record creation on hosted zone: Create a TXT record on DNS Zone

After creating a TXT record, Switch to the terminal press Enter.

On successful Verification of domain TXT record, you will successful message like this.

- Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/example.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/example.com/privkey.pem
   Your certificate will expire on 2021-08-23.

And That’s All. Now jump into the above directory and you can see the wildcard certificate for all of your subdomains.

Happy Secure web.