Lets Encrypt now support wildcard certificates

Welcome Guest.

You haven't logged in yet. If you don't have an account you can register now.

Forums › LAN (ethernet/Wifi/routers/Bluetooth) › Lets Encrypt now support wildcard certificates

NightStalker

314 posts

Ultimate Geek

#231818 14-Mar-2018 17:39

per title Lets Encrypt are now offering wildcard certificate support

1 | 2

6029 posts

Uber Geek

Trusted

#1976725 14-Mar-2018 20:13

Whoop have been waiting for this.

Is it fully rolled out now? I thought just the client.

Previously known as psycik

Home Assistant: Gigabyte AMD A8 Brix, Home Assistant with Aeotech ZWave Controller, Raspberry PI, Wemos D1 Mini, Zwave, Shelly Humidity and Temperature sensors
Media:Chromecast v2, ATV4 4k, ATV4, HDHomeRun Dual
Server Host Plex Server 3x3TB, 4x4TB using MergerFS, Samsung 850 evo 512 GB SSD, Proxmox Server with 1xW10, 2xUbuntu 22.04 LTS, Backblaze Backups, usenetprime.com fastmail.com Sharesies Trakt.TV Sharesight

hio77

12999 posts

Uber Geek

ID Verified

Trusted

Lizard Networks

#1976726 14-Mar-2018 20:14

Hm. this will be interesting..

#include <std_disclaimer>

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

freitasm

BDFL - Memuneh
79250 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#1976735 14-Mar-2018 20:33

AlwaysOnSSL is a good option - and certificates last one year, not three months,

TheoM

228 posts

Master Geek

ID Verified

Trusted

#1976741 14-Mar-2018 20:46

freitasm:

AlwaysOnSSL is a good option - and certificates last one year, not three months,

OT: Why is this not more publicised? Replacing LE certs every 90 days gets tiresome.

On Topic: Awesome! I've been waiting for LE wildcard support

Hi! I'm TheoM, but you know that already. I run Linux mirrors in NZ together with 2degrees. Like a mirror added? PM me!

https://theom.co.nz | https://theom.nz | https://mirrorlist.mirrors.theom.nz | Providing Free Mirrors Since Ages Ago™

davidcole

6029 posts

Uber Geek

Trusted

#1976742 14-Mar-2018 20:48

OT-ish does the always on do wildcard?

clinty

1182 posts

Uber Geek

Lifetime subscriber

#1976746 14-Mar-2018 20:53

TheoM:
freitasm:

AlwaysOnSSL is a good option - and certificates last one year, not three months,

OT: Why is this not more publicised? Replacing LE certs every 90 days gets tiresome.

On Topic: Awesome! I've been waiting for LE wildcard support

I thought the point of LE is that the client automatically renews the certificate every 1-90 days, set and forget for basic installs :)

Clint

freitasm

BDFL - Memuneh
79250 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#1976747 14-Mar-2018 20:55

davidcole: OT-ish does the always on do wildcard?

No, it doesn't.

Equinox IT

Cloud spending continues to surge globally, but most organisations haven’t made the changes necessary to maximise the value and cost-efficiency benefits of their cloud investments. Download the whitepaper From Overspend to Advantage now.

timmmay

20574 posts

Uber Geek

Trusted

Lifetime subscriber

#1976753 14-Mar-2018 21:07

Wildcard certs are a nice feature to have.

I use Acme to issue and reissue Let's Encrypt certificates on my AWS Linux server. Works great. The LE client certbot didn't work well on AL when I tried it.

NB: don't use Amazon Linux 1 / 2, use Ubuntu or something else more widely used.

Tinkerisk

4224 posts

Uber Geek

#1976765 14-Mar-2018 21:25

Good news! Auto-renewal of a 3 month certificate isn't a big issue when done by dedicated cron job (i.e. bi-weekly or monthly).

- NET: FTTH, OPNsense, 10G backbone, GWN APs, ipPBX
- SRV: 12 RU HA server cluster, 0.1 PB storage on premise
- IoT: thread, zigbee, tasmota, BidCoS, LoRa, WX suite, IR
- 3D: two 3D printers, 3D scanner, CNC router, laser cutter

chevrolux

4962 posts

Uber Geek
Inactive user

#1976772 14-Mar-2018 21:41

I feel like the first tutorial I found on doing nginx with let's encrypt covered off installing certbot and setting the cron job for updates.

This is great news, was about to buy my own wildcard cert for home domain but won't bother now!

davidcole

6029 posts

Uber Geek

Trusted

#1976798 14-Mar-2018 22:01

The automation only works if one of the supported methods works.

So in my case I can do it with one cert as I’ve got it opened for https.

But another I get I have to manually do via dns as it’s not exposed to the internet. But I have scripted a conversion and loading to the site that uses it (the unifi controller)

ANglEAUT

2320 posts

Uber Geek

Trusted

Lifetime subscriber

#1976837 14-Mar-2018 23:33

davidcole: ... But I have scripted a conversion and loading to the site that uses it (the unifi controller)

Sounds interesting. Care to share, ala michaelmurfy EdgeRouter tutorial?

Please keep this GZ community vibrant by contributing in a constructive & respectful manner.

davidcole

6029 posts

Uber Geek

Trusted

#1976936 15-Mar-2018 08:50

IcI:

davidcole: ... But I have scripted a conversion and loading to the site that uses it (the unifi controller)

Sounds interesting. Care to share, ala michaelmurfy EdgeRouter tutorial?

Yeah I could probably do that. I'll look at doing a blog post with it, if nothing else it gets it in the cloud in case I lose it.

MackinNZ

450 posts

Ultimate Geek

Lifetime subscriber

#1990993 7-Apr-2018 12:39

Anyone else having trouble reaching https://alwaysonssl.com/

On Spark Fibre here.

clinty

1182 posts

Uber Geek

Lifetime subscriber

#1990995 7-Apr-2018 12:40

MackinNZ:
Anyone else having trouble reaching https://alwaysonssl.com/

On Spark Fibre here.

Yep on bigpipe fibre

Clint

1 | 2

News and reviews »

Air New Zealand Starts AI adoption with OpenAI
Posted 24-Jul-2025 16:00

eero Pro 7 Review
Posted 23-Jul-2025 12:07

BeeStation Plus Review
Posted 21-Jul-2025 14:21

eero Unveils New Wi-Fi 7 Products in New Zealand
Posted 21-Jul-2025 00:01

WiZ Introduces HDMI Sync Box and other Light Devices
Posted 20-Jul-2025 17:32

RedShield Enhances DDoS and Bot Attack Protection
Posted 20-Jul-2025 17:26

Seagate Ships 30TB Drives
Posted 17-Jul-2025 11:24

Oclean AirPump A10 Water Flosser Review
Posted 13-Jul-2025 11:05

Samsung Galaxy Z Fold7: Raising the Bar for Smartphones
Posted 10-Jul-2025 02:01

Samsung Galaxy Z Flip7 Brings New Edge-To-Edge FlexWindow
Posted 10-Jul-2025 02:01

Epson Launches New AM-C550Z WorkForce Enterprise printer
Posted 9-Jul-2025 18:22

Samsung Releases Smart Monitor M9
Posted 9-Jul-2025 17:46

Nearly Half of Older Kiwis Still Write their Passwords on Paper
Posted 9-Jul-2025 08:42

D-Link 4G+ Cat6 Wi-Fi 6 DWR-933M Mobile Hotspot Review
Posted 1-Jul-2025 11:34

Oppo A5 Series Launches With New Levels of Durability
Posted 30-Jun-2025 10:15

Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

RSS feeds: Main feed; Forums feed

Site features: Geekzone BI dashboard; Geekzone Badges; Geekzone Status Page

Affiliate links: Samsung; AliExpress; Wise; Sharesies; GoodSync

Site Information: Subscribe to Geekzone; Privacy Statement; Forum Usage Guidelines (FUG); Advertising; Trademark and copyright