How to get a wildcard certificate with Certbot

Rudolf Vallo
Published in UOL Devs, Apr 26, 2018

Check that your Certbot version is 0.22.0 or higher.

Run

 certbot -d '*.your.domain.com' --manual --preferred-challenges dns certonly --server https://acme-v02.api.letsencrypt.org/directory

If you have a script that updates your DNS, run Certbot with the option

 --manual-auth-hook your_script.sh

Certbot passes the token to the script in the variable $CERTBOT_VALIDATION.

If you don’t have a script, add the TXT record to DNS as instructed and wait for the TTL in DNS to pass.

Check your DNS settings with

 dig TXT _acme-challenge.your.domain.com

If your DNS record answers with the correct token, press Enter to validate the domain.

An example validation script is here: https://github.com/rvallo/certbot-wedosWAPI/blob/master/update_DNS_records.sh
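
An auth hook of the kind described above, as an added example (it is not the script linked above). It assumes a DNS server that accepts dynamic updates through nsupdate; the server name, key file path and TTL are placeholders, and the script checks the domain and token before using them.

```bash
#!/bin/sh
# Added example: certbot --manual-auth-hook that publishes the DNS-01 token
# through nsupdate. DNS_SERVER, TSIG_KEY and TTL are placeholder assumptions.
DNS_SERVER="${DNS_SERVER:-ns1.example.net}"
TSIG_KEY="${TSIG_KEY:-/etc/certbot/tsig.key}"
TTL="${TTL:-60}"

# "*.your.domain.com" and "your.domain.com" share one challenge record name.
acme_record_name() {
  printf '_acme-challenge.%s.' "${1#\*.}"
}

# A DNS-01 token is base64url(SHA-256): exactly 43 chars of [A-Za-z0-9_-].
valid_token() {
  [ "${#1}" -eq 43 ] || return 1
  case "$1" in *[!A-Za-z0-9_-]*) return 1 ;; esac
}

# Hostname syntax only: no empty labels, no edge hyphens, no other characters.
valid_domain() {
  case "${1#\*.}" in
    ''|.*|*.|*..*|-*|*-|*.-*|*-.*|*[!A-Za-z0-9.-]*) return 1 ;;
    *.*) return 0 ;;
  esac
  return 1
}

# Print the nsupdate batch; refuse input that could alter the batch.
build_update() {
  valid_domain "$1" && valid_token "$2" || return 1
  printf 'server %s\nupdate add %s %s TXT "%s"\nsend\n' \
    "$DNS_SERVER" "$(acme_record_name "$1")" "$TTL" "$2"
}

# Poll the authoritative server until it returns the token ($3 tries, 10 s apart).
wait_for_txt() {
  tries="${3:-30}"
  while [ "$tries" -gt 0 ]; do
    dig +short TXT "$1" "@$DNS_SERVER" | grep -qF "\"$2\"" && return 0
    tries=$((tries - 1)); sleep 10
  done
  return 1
}

# Certbot exports CERTBOT_DOMAIN and CERTBOT_VALIDATION when it runs the hook.
if [ -n "${CERTBOT_VALIDATION:-}" ]; then
  batch="$(build_update "$CERTBOT_DOMAIN" "$CERTBOT_VALIDATION")" || exit 1
  printf '%s\n' "$batch" | nsupdate -k "$TSIG_KEY" || exit 1
  wait_for_txt "$(acme_record_name "$CERTBOT_DOMAIN")" "$CERTBOT_VALIDATION" || exit 1
fi
```

A non-zero exit from the hook only makes Certbot report an error from the hook, so the final polling step is what keeps validation from starting before the record is visible.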
