Generate Wildcard SSL certificate using Let’s Encrypt/Certbot

Generate Wildcard SSL certificate using Let’s Encrypt/Certbot

From past few days or months, everyone on the World Wide Web is talking about SSL certificates and rushing to implement them. But Why? Cause recently google has announced, if your website, webpages or web-applications does not have SSL certificate then Chrome will label them as Non-Secured.

Image for post

In this blog will cover, how to generate a wildcard SSL certificate for your domain using Certbot. I am generating certificate for the domain

Image for post

Step 1: Setup Pre-requisites

If you already have a droplet or a system then make sure your system have Python 2.7 or 3 and git installed on it. As I am starting on fresh Ubuntu droplet, we have to setup the above pre-requisites.

apt-get updateapt-get install python-minimalpython –versionapt-get install git-coregit –version

Step 2: Setup Certbot

After setting up the pre-requisites, now will setup the Certbot via github.

cd /optgit clone certbot && ./certbot-auto

While installing the Certbot, I came across the error

Traceback (most recent call last): File “/usr/lib/python3/dist-packages/”, line 2363, in <module> main() File “/usr/lib/python3/dist-packages/”, line 719, in main symlink=options.symlink) File “/usr/lib/python3/dist-packages/”, line 988, in create_environment download=download, File “/usr/lib/python3/dist-packages/”, line 918, in install_wheel call_subprocess(cmd, show_stdout=False, extra_env=env, stdin=SCRIPT) File “/usr/lib/python3/dist-packages/”, line 812, in call_subprocess % (cmd_desc, proc.returncode))OSError: Command /opt/ – setuptools pkg_resources pip wheel failed with error code

After googling, I came to know, the error triggered due to improper locale variables. Set the locale variables and re-run.

export LC_ALL=”en_US.UTF-8″export LC_CTYPE=”en_US.UTF-8″

You can also install the Certbot via apt installer.

apt-get install letsencrypt

Step 3: Generate The Wildcard SSL Certificate

Now with the help of Certbot will generate wildcard certificate for our test domain

Image for post./certbot-auto certonly ? manual ? preferred-challenges=dns ? email [email protected] ? server ? agree-tos -d *

Note: As we are generating wildcard ssl certificate, mention domain with * i.e. *

Step 4: Authenticate The Domain?s Ownership

For wildcard certificates, the only challenge method Let?s Encrypt accepts is the DNS challenge, which we can invoke via the preferred-challenges=dns flag.

After executing the above command, the Certbot will share a text record to add to your DNS.

Please deploy a DNS TXT record under the with the following value:J50GNXkhGmKCfn-0LQJcknVGtPEAQ_U_WajcLXgqWqo

Record Name: _acme-challengeRecord Value: J50GNXkhGmKCfn-0LQJcknVGtPEAQ_U_WajcLXgqWqo

Create TXT record via DNS console and setup key and value

Image for post

Step 5: Get The Certificate

Once you authenticate the domain ownership; by cleaning up dns challenges, Certbot generates the ssl certificate and required keys.

Image for postCongratulations!!! You have wildcard SSL certificate

Congratulations!!! You have successfully generated wildcard SSL certificate for your domain.

Step 6: Cross Verify The Certificate

To cross verify certificate?s validity via command line run

./certbot-auto certificatesImage for post


No Responses

Write a response