September 9, 2020

Generate Wildcard SSL certificate using Let’s Encrypt/Certbot

Step 1: Setup Pre-requisites

If you already have a droplet or another system, make sure it has Python 2.7 or 3 and git installed. As I am starting on a fresh Ubuntu droplet, we have to set up these pre-requisites first.

apt-get update
apt-get install python-minimal
python --version
apt-get install git-core
git --version

Step 2: Setup Certbot

After setting up the pre-requisites, we will now set up Certbot from GitHub.

cd /opt
git clone https://github.com/certbot/certbot.git
cd certbot && ./certbot-auto

You can also install Certbot via the apt installer.

apt-get install letsencrypt

Step 3: Generate The Wildcard SSL Certificate

./certbot-auto certonly --manual \
--preferred-challenges=dns \
--email [email protected] \
--server https://acme-v02.api.letsencrypt.org/directory \
--agree-tos -d "*.repo.repman.avzare.dev"

Step 4: Authenticate The Domain’s Ownership

After you execute the above command, Certbot will display a TXT record to add to your DNS.

Please deploy a DNS TXT record under the name
_acme-challenge.erpnext.xyz with the following value:

J50GNXkhGmKCfn-0LQJcknVGtPEAQ_U_WajcLXgqWqo

Record Name: _acme-challenge
Record Value: J50GNXkhGmKCfn-0LQJcknVGtPEAQ_U_WajcLXgqWqo

Create the TXT record via your DNS console and set up the key and value shown above.
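Before continuing in Certbot, it helps to confirm that every authoritative nameserver already serves the new record. The script below is an added example, not part of the original guide or of Certbot; the function names and the optional zone argument are its own, and it assumes `dig` is installed.

```shell
#!/bin/sh
# Added example (not part of Certbot): pre-flight check for the Step 4 TXT record.

# A wildcard such as *.example.com is validated at _acme-challenge.example.com:
# drop the leading "*." label and prepend the challenge label.
challenge_name() {
    base=${1#\*.}; printf '_acme-challenge.%s\n' "$base"
}

# The value is an unpadded base64url SHA-256 digest: 43 chars of [A-Za-z0-9_-].
valid_value() {
    [ "${#1}" -eq 43 ] || return 1
    case "$1" in
        *[!A-Za-z0-9_-]*) return 1 ;;
    esac
}

# Read `dig +short TXT` output on stdin (one quoted string per line) and succeed
# if any line equals the expected value; several values may share one name.
txt_matches() {
    expected=$1
    while IFS= read -r line; do
        line=${line#\"}; line=${line%\"}
        if [ "$line" = "$expected" ]; then return 0; fi
    done
    return 1
}

# Ask each authoritative nameserver of the zone directly, so a secondary
# that has not picked up the record yet is reported.
# $3 (zone) is this sketch's own parameter: pass it when the name is a subdomain of the zone.
check_record() {
    name=$(challenge_name "$1"); expected=$2; zone=${3:-${1#\*.}}
    valid_value "$expected" || { echo "malformed TXT value" >&2; return 2; }
    servers=$(dig +short NS "$zone")
    [ -n "$servers" ] || { echo "no NS records for $zone" >&2; return 2; }
    rc=0
    for ns in $servers; do
        if dig +short TXT "$name" "@$ns" | txt_matches "$expected"; then
            echo "ok       $ns  $name"
        else
            echo "MISSING  $ns  $name"; rc=1
        fi
    done
    return $rc
}

# Usage: sh check-acme-txt.sh '*.example.com' <value> [zone]
if [ "$#" -ge 2 ]; then check_record "$@"; fi
```

Quote the wildcard name when calling the script so the shell does not expand it, and continue in Certbot only once every nameserver reports `ok`.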

Step 5: Get The Certificate

Once you have authenticated the domain ownership, Certbot cleans up the DNS challenges and generates the SSL certificate and the required keys.

Congratulations!

You have successfully generated a wildcard SSL certificate for your domain.