Using acme.sh to generate wildcard certificate with Nginx and Cloudflare
curl https://get.acme.sh | sh
Setup CloudFlare domain API to automatically issue certificate
First you need to login to your CloudFlare account to get your API key.
export CF_Key="sdfsdfsdfljlbjkljlkjsdfoiwje" export CF_Email="[email protected]"
The CF_Key and CF_Email will be saved in ~/.acme.sh/account.conf when you issue your first certificate.
Issue Wildcard certificates
acme.sh --issue -d example.com -d *.example.com --dns dns_cf
Not using cloudflare? Check for your DNS provider here: https://github.com/Neilpang/acme.sh/blob/master/dnsapi/README.md
Install the certificate to NGINX
acme.sh --install-cert -d example.com \ --key-file /path/to/keyfile/in/nginx/key.pem \ --fullchain-file /path/to/fullchain/nginx/cert.pem \ --reloadcmd "service nginx force-reload"
Now all you need to do is correctly update your NGINX .conf files
That's it :)
JaredBusch last edited by JaredBusch
Or, you can chill out and wait a day or three for certbot to add support for it. and not make a snowflake system just to get a wildcard cert that you don't really need, but is admittedly useful at times..
@jaredbusch Certbot has ACME v2 support since Version 0.22.0. This version may not yet be available depending on how you install Certbot and your system’s software update mechanism.
@jaredbusch Also, certbot doesn't have automatic DNS configuration.