This website uses cookies

Our website, platform and/or any sub domains use cookies to understand how you use our services, and to improve both your experience and our marketing relevance.

This website uses cookies

Our website, platform and/or any sub domains use cookies to understand how you use our services, and to improve both your experience and our marketing relevance.

Introducing Cloudways Community Forum. Start Discussions and Get Instant Help From Cloudways Community. JOIN NOW

How to Install a Let’s Encrypt Wildcard Certificate for My ApplicationAugust 6, 2018

 

In this KB

  • Introduction to Let’s Encrypt Wildcard certificates
  • Installation of Let’s Encrypt Wildcard certificates
  • Setup CNAME record for Let’s Encrypt Wildcard domain authentication
  • Important Notes

 

Let’s Encrypt is a popular certificate authority that offers free of cost SSL certificates. By eliminating all the complexities in the process of installing paid SSL certificates on your websites, Let’s Encrypt has greatly simplifies and optimized the process of setting up and renewing SSL certificates for websites.

Let’s Encrypt Wildcard certificates is a great way of protecting multiple sub-domains along with root domain with a single certificate. 

Note:

  • Let’s Encrypt Wildcard SSL certificates require DNS based domain authentication. During the process of installing the certificate, you will be provided with instruction for setting up DNS record in the relevant section below.
  • If you wish to set up SSL certificate for single and/or multiple separate domains, please follow this KB.

Step 1: Go to Application Management

Login to your Cloudways account. Click Applications in the top bar to see the list of all available applications. Select the application for which you wish to set up the Wildcard SSL certificate.

app-selection

Step 2: Set up Wildcard SSL Certificate

In the Application Management menu, click SSL Certificate to go to the relevant screen. Make sure that the toggle points towards Let’s Encrypt SSL Certificate.

toggle-lets-encrypt

To use Wildcard SSL, first enter your email address and root domain (without “www” or any other prefix including any subdomain) into the Domain Name field.

enter-domain-email

Next, click the checkbox with the caption Apply Wildcard. You will see a DNS record that you need set up as CNAME for your domain.

wild-entry-click

Step 3: Create a CNAME in Your DNS Provider Panel

wild-entry-click
While the actual process of setting up a CNAME differs slightly from provider to provider, a high-level view of the process is as follows:

  • Log into your DNS provider panel or console.
  • Navigate to your DNS Management page. The location and name of this page vary by provider, but it can be found under Domain Management or Advanced Settings and then select the domain name that you want to update.
  • Locate the Records section. Choose to create an CNAME Record from the drop-down list and then complete the following fields:
    • Host/Name : _acme-challenge (as shown in screen above )
    • Value/Alias :  phpstack-7242-377896.cloudwaysstagingapps.com. (mind the suffix dot)
    • TTL (‘Time To Live’ is a propagation time.  The value should be lowest i.e. 1 minute or leave this option default as per your registrar).
  • Click the Save Changes button to apply the changes.

DNS propagation usually takes 5 minutes but in some cases, it could take upto 24 hours. You can check the status of your domain(s) propagation through online tools such as https://www.whatsmydns.net

As explained, the process can vary significantly from one provider to another. In the case of any issue, contact our Live Chat agents or open a support ticket and we will assist you accordingly.

Step 4: Verify DNS Propagation 

Once DNS record has been propagated, click the Verify DNS button to validate the DNS records.

verify-dns

Step 5: Install Let’s Encrypt Certificate 

Next, click the Install Certificate button to initiate the process of installing the Let’s Encrypt Wildcard certificate.

Important Notes:

  • Automatic/Manual renewal of the Let’s Encrypt Wildcard certificate will be affected if you delete the generated CNAME record.
  • Let’s Encrypt Wildcard SSL certificates cannot be deployed with existing certificates. You will need to revoke existing Let’s Encrypt certificate and then create the Let’s Encrypt with Wildcard option. 
  • Let’s Encrypt Wildcard SSL certificates only work with a SINGLE domain and are not available for multiple domains.
  • Once installed, if you wish to modify the Let’s Encrypt Wildcard certificate, you need to revoke the existing certificate and then create the updated certificate.
Have Questions? Ask From Our Helpful Community

Comments are closed.

Do you still need help?

Our Technical Support team is always at work.