Featured image of post Using acme.sh to Obtain a Wildcard SSL Certificate
Software Code

Using acme.sh to Obtain a Wildcard SSL Certificate

The benefit of obtaining a wildcard certificate is that it protects all subdomains under the same domain. For instance, if you acquire a wildcard certificate for *.example.com...

Obtaining a wildcard certificate offers the advantage of protecting all subdomains under a single domain.

For example, if you apply for a wildcard certificate for *.example.com, it will cover example.com, www.example.com, blog.example.com, and other subdomains.

Applying for a wildcard certificate can save you a significant amount of time and resources. Instead of applying for individual certificates for each subdomain, a single application and installation will protect all your subdomains.

Additionally, wildcard certificates enhance the security and reliability of your website. They utilize the latest SSL encryption technology, safeguarding the site from threats such as hacking and data breaches.

Here are the specific benefits of obtaining a wildcard certificate:

  • Time and Resource Savings: A single application and installation can secure all subdomains.
  • Increased Security and Reliability: Utilizes cutting-edge SSL encryption technology to protect your site from hacking and data breaches.
  • Simplified Management: You only need to manage one certificate for all subdomains.

If you have multiple subdomains, obtaining a wildcard certificate is an excellent choice.

To request a wildcard certificate using acme.sh, you need to use the --domain parameter to specify the wildcard domain.

Wildcard domains start with *. For example, *.example.com.

Here’s an example of how to apply for a wildcard certificate:

1

acme.sh --issue --domain *.example.com

Output example:

1
2
3
4
5
6

|  | [... output ...] |
| --- | --- |
|  |  |
|  | Domain: *.example.com |
|  |  |
|  | Successfully issued certificate |

When applying for a wildcard certificate, acme.sh will utilize DNS verification to confirm domain ownership.

If your DNS provider supports DNS verification, acme.sh will automatically generate the necessary DNS records, which you will need to add to your DNS server.

If your DNS provider does not support DNS verification, acme.sh will create a file containing an HTML verification link. You will need to upload this file to your website and click the link to verify domain ownership.

Note

  • Before applying for a wildcard certificate, ensure that your domain can resolve to your server.
  • Keep in mind the method of domain ownership verification when applying for a wildcard certificate.