How to set up Wildcard SSL for your subdomains using Let’s Encrypt

Hiren Kavad
Published in Coding Monk
Jan 7, 2019

Google has declared that it will label non-SSL sites as ‘Not Secure’. This means SSL is now necessary to keep your website available to Google users, as the Google search engine will prefer secure sites.

So in this article we will learn how to set up wildcard SSL for a domain.

What is a wildcard?

A domain has 3 parts in it; for example, www.example.com contains 3 parts.

We can always install a certificate on an individual domain or sub-domain, but what if your application uses multiple sub-domains and you have to install a separate SSL certificate for each sub-domain every time?

For example,

*.example.com -> app.example.com, dashboard.example.com, admin.example.com

So if we install one SSL certificate for *.example.com and it gets installed for all sub-domains, then it’s called a wildcard SSL certificate.

What is Let’s Encrypt?

Let’s Encrypt is a certificate authority that provides X.509 certificates for Transport Layer Security (TLS) encryption at no charge (FREE). The certificate is valid for 90 days, during which renewal can take place at any time. The offer is accompanied by an automated process designed to overcome manual creation, validation, signing, installation, and renewal of certificates for secure websites.

What’s Needed?

What’s Needed ?

  1. VPS Server (I prefer Digital Ocean)
  2. Python, Git and Let’s Encrypt

apt-get update
apt-get install python-minimal
python --version
apt-get install git-core
git --version
apt-get install letsencrypt

  3. Certbot

wget https://dl.eff.org/certbot-auto
chmod a+x ./certbot-auto
./certbot-auto --help

Everything needed is installed, half of our work is done.

Let’s Get Started, Let’s F***ing Encrypt It.

Run the following command:

./certbot-auto certonly --manual --preferred-challenges=dns --email email@example.com -d "*.example.com"

Change the email and domain to match your configuration. Keep the quotes around the wildcard name so the shell does not try to expand the * itself.

Authenticate your domain using the DNS challenge.

Please deploy a DNS TXT record under the name
_acme-challenge.example.com with the following value: IUESgUUxWirfjIpCNNqM6Z4USASWulZdnr21OaEVibA

So open your DNS manager and add a TXT record named _acme-challenge with the value IUESgUUxWirfjIpCNNqM6Z4USASWulZdnr21OaEVibA


Wait a few minutes for the TXT record to propagate, then confirm. Booom.
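
Rather than guessing how long to wait, you can ask each authoritative nameserver for the record before confirming in certbot. The script below is an added example, not part of the original article; it assumes dig is installed and that the domain you pass is the zone apex, and the function names and script file name are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original article). Assumes `dig` is installed
# and that DOMAIN is the zone apex, so it has its own NS records.

# txt_matches EXPECTED
# Reads `dig +short TXT` output on stdin (one quoted string per line) and
# succeeds if any record equals EXPECTED. Several records can share the name,
# e.g. when one certificate covers both example.com and *.example.com.
txt_matches() {
    expected=$1
    while IFS= read -r line; do
        value=${line#\"}
        value=${value%\"}
        [ "$value" = "$expected" ] && return 0
    done
    return 1
}

# acme_txt_ready DOMAIN EXPECTED
# Returns 0 only when every authoritative nameserver serves EXPECTED at
# _acme-challenge.DOMAIN, 1 if any server lacks it, 2 if no NS was found.
acme_txt_ready() {
    domain=${1#\*.}              # accept "*.example.com" or "example.com"
    name="_acme-challenge.$domain"
    servers=$(dig +short NS "$domain")
    if [ -z "$servers" ]; then
        echo "no NS records found for $domain" >&2
        return 2
    fi
    missing=0
    for ns in $servers; do
        if dig +short TXT "$name" "@$ns" | txt_matches "$2"; then
            echo "ok       $ns"
        else
            echo "missing  $ns"
            missing=1
        fi
    done
    return "$missing"
}

# Usage: sh check-acme-txt.sh '*.example.com' '<value printed by certbot>'
if [ "$#" -eq 2 ]; then
    acme_txt_ready "$1" "$2"
fi
```

Confirm in certbot only once every nameserver reports ok; a server that still shows missing can cause the challenge to fail.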

You have successfully obtained wildcard SSL certificates. The certificates will be saved at /etc/letsencrypt/live/YOURSITENAME

Use them in your Apache configuration file to make your sub-domains secure.

For more server-related video tutorials, go to the Coding Monk YouTube channel and subscribe.
