Using acme.sh to generate wildcard certificate with Nginx and Cloudflare
-
Install acme.sh
curl https://get.acme.sh | sh
Setup CloudFlare domain API to automatically issue certificate
First you need to log in to your CloudFlare account to get your API key.
Then run:
export CF_Key="sdfsdfsdfljlbjkljlkjsdfoiwje"
export CF_Email="[email protected]"
The CF_Key and CF_Email will be saved in ~/.acme.sh/account.conf when you issue your first certificate.
Issue Wildcard certificates
acme.sh --issue -d example.com -d '*.example.com' --dns dns_cf
Not using cloudflare? Check for your DNS provider here: https://github.com/Neilpang/acme.sh/blob/master/dnsapi/README.md
Install the certificate to NGINX
acme.sh --install-cert -d example.com \
  --key-file /path/to/keyfile/in/nginx/key.pem \
  --fullchain-file /path/to/fullchain/nginx/cert.pem \
  --reloadcmd "service nginx force-reload"
Now all you need to do is correctly update your NGINX .conf files.
That's it
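Added example, not part of the original post and not acme.sh's own code: a post-install check for the steps above. It confirms that the account.conf holding CF_Key and the installed key file are closed to group and other, and that the installed certificate lists both the bare domain and the wildcard. The function names, the argument order and the SAVED_ prefix pattern are assumptions.

```shell
#!/bin/sh
# Added example: post-install checks for the acme.sh + Cloudflare + NGINX setup.
# All paths and the domain are supplied by the caller (assumed argument order).

# Succeeds only if FILE exists and its mode grants nothing to group or other.
is_private() {
    [ -f "$1" ] || return 2
    # Characters 5-10 of the ls mode string are the group/other bits.
    case "$(ls -ldL "$1")" in
        ????------*) return 0 ;;
        *) return 1 ;;
    esac
}

# Prints the names (never the values) of Cloudflare credentials kept in CONF.
# Assumption: entries look like CF_Key='...' or SAVED_CF_Key='...'.
stored_cf_vars() {
    sed -n 's/^\(SAVED_\)\{0,1\}\(CF_[A-Za-z_]*\)=.*/\2/p' "$1" | sort -u
}

# Succeeds if the leaf certificate in CERT lists NAME as a DNS subjectAltName.
cert_has_san() {
    openssl x509 -in "$1" -noout -text | grep -o 'DNS:[^,]*' | grep -qxF "DNS:$2"
}

# audit ACCOUNT_CONF KEY_FILE CERT_FILE DOMAIN: prints findings, returns the count.
audit() {
    n=0
    for f in "$1" "$2"; do
        is_private "$f" || { echo "FINDING: $f missing or open to group/other"; n=$((n + 1)); }
    done
    for v in $(stored_cf_vars "$1"); do
        echo "NOTE: $v is stored in plaintext in $1"
    done
    for name in "$4" "*.$4"; do
        cert_has_san "$3" "$name" || { echo "FINDING: $3 does not cover $name"; n=$((n + 1)); }
    done
    return "$n"
}

# Runs only when called with all four arguments, e.g.
#   sh audit.sh ~/.acme.sh/account.conf /path/to/key.pem /path/to/cert.pem example.com
if [ "$#" -eq 4 ]; then audit "$@"; fi
```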
-
Or, you can chill out and wait a day or three for certbot to add support for it, and not make a snowflake system just to get a wildcard cert that you don't really need, but is admittedly useful at times.
-
@jaredbusch Certbot has ACME v2 support since Version 0.22.0. This version may not yet be available depending on how you install Certbot and your system’s software update mechanism.
-
@jaredbusch Also, certbot doesn't have automatic DNS configuration.