Lets Encrypt now support wildcard certificates

Welcome Guest.

You haven't logged in yet. If you don't have an account you can register now.

Forums › LAN (ethernet/Wifi/routers/Bluetooth) › Lets Encrypt now support wildcard certificates

NightStalker

327 posts

Ultimate Geek
+1 received by user: 159

#231818 14-Mar-2018 17:39

per title Lets Encrypt are now offering wildcard certificate support

1 | 2

6099 posts

Uber Geek
+1 received by user: 1465

Trusted

#1976725 14-Mar-2018 20:13

Whoop have been waiting for this.

Is it fully rolled out now? I thought just the client.

Previously known as psycik

Home Assistant: Gigabyte AMD A8 Brix, Home Assistant with Aeotech ZWave Controller, Raspberry PI, Wemos D1 Mini, Zwave, Shelly Humidity and Temperature sensors
Media:Chromecast v2, ATV4 4k, ATV4, HDHomeRun Dual
Server Host Plex Server 3x3TB, 4x4TB using MergerFS, Samsung 850 evo 512 GB SSD, Proxmox Server with 1xW10, 2xUbuntu 22.04 LTS, Backblaze Backups, usenetprime.com fastmail.com Sharesies Trakt.TV Sharesight

hio77

'That VDSL Cat'
13036 posts

Uber Geek
+1 received by user: 3896

ID Verified

Trusted

Lizard Networks

Subscriber

#1976726 14-Mar-2018 20:14

Hm. this will be interesting..

#include <std_disclaimer>

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

freitasm

BDFL - Memuneh
80647 posts

Uber Geek
+1 received by user: 41030

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#1976735 14-Mar-2018 20:33

AlwaysOnSSL is a good option - and certificates last one year, not three months,

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

TheoM

229 posts

Master Geek
+1 received by user: 55

ID Verified

Trusted

#1976741 14-Mar-2018 20:46

freitasm:

AlwaysOnSSL is a good option - and certificates last one year, not three months,

OT: Why is this not more publicised? Replacing LE certs every 90 days gets tiresome.

On Topic: Awesome! I've been waiting for LE wildcard support

Hi! I'm TheoM, but you know that already. I run Linux mirrors in NZ together with 2degrees. Like a mirror added? PM me!

https://theom.co.nz | https://theom.nz | https://mirrorlist.mirrors.theom.nz | Providing Free Mirrors Since Ages Ago™

davidcole

6099 posts

Uber Geek
+1 received by user: 1465

Trusted

#1976742 14-Mar-2018 20:48

OT-ish does the always on do wildcard?

clinty

1201 posts

Uber Geek
+1 received by user: 402

Lifetime subscriber

#1976746 14-Mar-2018 20:53

TheoM:
freitasm:

AlwaysOnSSL is a good option - and certificates last one year, not three months,

OT: Why is this not more publicised? Replacing LE certs every 90 days gets tiresome.

On Topic: Awesome! I've been waiting for LE wildcard support

I thought the point of LE is that the client automatically renews the certificate every 1-90 days, set and forget for basic installs :)

Clint

Lego

Shop now for Lego sets and other gifts (affiliate link).

freitasm

BDFL - Memuneh
80647 posts

Uber Geek
+1 received by user: 41030

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#1976747 14-Mar-2018 20:55

davidcole: OT-ish does the always on do wildcard?

No, it doesn't.

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

timmmay

20858 posts

Uber Geek
+1 received by user: 5350

Trusted

Lifetime subscriber

#1976753 14-Mar-2018 21:07

Wildcard certs are a nice feature to have.

I use Acme to issue and reissue Let's Encrypt certificates on my AWS Linux server. Works great. The LE client certbot didn't work well on AL when I tried it.

NB: don't use Amazon Linux 1 / 2, use Ubuntu or something else more widely used.

Tinkerisk

4798 posts

Uber Geek
+1 received by user: 3660

#1976765 14-Mar-2018 21:25

Good news! Auto-renewal of a 3 month certificate isn't a big issue when done by dedicated cron job (i.e. bi-weekly or monthly).

- NET: FTTH & VDSL, OPNsense, 10G backbone, GWN APs
- SRV: 12 RU HA server cluster, 0.1 PB storage on premise
- IoT: thread, zigbee, tasmota, BidCoS, LoRa, WX suite, IR
- 3D: two 3D printers, 3D scanner, CNC router, laser cutter

chevrolux

4962 posts

Uber Geek
+1 received by user: 2638
Inactive user

#1976772 14-Mar-2018 21:41

I feel like the first tutorial I found on doing nginx with let's encrypt covered off installing certbot and setting the cron job for updates.

This is great news, was about to buy my own wildcard cert for home domain but won't bother now!

davidcole

6099 posts

Uber Geek
+1 received by user: 1465

Trusted

#1976798 14-Mar-2018 22:01

The automation only works if one of the supported methods works.

So in my case I can do it with one cert as I’ve got it opened for https.

But another I get I have to manually do via dns as it’s not exposed to the internet. But I have scripted a conversion and loading to the site that uses it (the unifi controller)

Dell

Shop now for Dell laptops and other devices (affiliate link).

ANglEAUT

altered-ego
2436 posts

Uber Geek
+1 received by user: 842

Trusted

Lifetime subscriber

#1976837 14-Mar-2018 23:33

davidcole: ... But I have scripted a conversion and loading to the site that uses it (the unifi controller)

Sounds interesting. Care to share, ala michaelmurfy EdgeRouter tutorial?

Please keep this GZ community vibrant by contributing in a constructive & respectful manner.

davidcole

6099 posts

Uber Geek
+1 received by user: 1465

Trusted

#1976936 15-Mar-2018 08:50

IcI:

davidcole: ... But I have scripted a conversion and loading to the site that uses it (the unifi controller)

Sounds interesting. Care to share, ala michaelmurfy EdgeRouter tutorial?

Yeah I could probably do that. I'll look at doing a blog post with it, if nothing else it gets it in the cloud in case I lose it.

MackinNZ

450 posts

Ultimate Geek
+1 received by user: 119

Lifetime subscriber

#1990993 7-Apr-2018 12:39

Anyone else having trouble reaching https://alwaysonssl.com/

On Spark Fibre here.

clinty

1201 posts

Uber Geek
+1 received by user: 402

Lifetime subscriber

#1990995 7-Apr-2018 12:40

MackinNZ:
Anyone else having trouble reaching https://alwaysonssl.com/

On Spark Fibre here.

Yep on bigpipe fibre

Clint

1 | 2

News and reviews »

New ECOVACS DEEBOT T80S OMNI Available Now
Posted 9-Apr-2026 11:11

Ring Brings 4K Video to Battery-Powered Doorbells
Posted 9-Apr-2026 11:01

Synology Announces a New Privacy-First Home Monitoring Experience for BeeStation Plus
Posted 9-Apr-2026 10:02

GIGABYTE X870E AERO X3D DARK WOOD Redefines the Motherboard
Posted 7-Apr-2026 14:06

Datacom Acquires Auckland Data Centre from T4
Posted 2-Apr-2026 09:43

Spark Launches Satellite Service with SMS and data options
Posted 2-Apr-2026 09:16

Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Support Geekzone »

You can support Geekzone with a one-off or recurring donation via PressPatron.

RSS feeds: Main feed; Forums feed

Site features: Geekzone BI dashboard; Geekzone Badges; Geekzone Status Page

Site Information: Subscribe to Geekzone; Privacy Statement; Forum Usage Guidelines (FUG); Advertising; Trademark and copyright