Using a wildcard SSL certificate can make your life a lot easier. Rather than having to create and then continually update multiple SSL certificates before they expire all you have to to is look after a single certificate and if you use NGINX it will also looking after updating itself as well.
You would think that information on requesting wildcard SSL certifcates when be more common place. The information can be found but it isn't that commonplace. Fortunately for you, you have come to the right place.
Please be aware that this example uses a specific set of software and most importantly NGINX to request the SSL certificate. If you don't use NGINX then it's probably best to start looking elsewhere now to save your time.
Pre-requisites
For this example I am running:
- NGINX (v1.27.1.1) in Unraid.
- DuckDNS.
- A registered DuckDNS sub-domain.
In our example, the sub-domain (of domain "duckdns.org") is "snowwhiteforeva". This has an associated token provided to you from DuckDNS.
I happen to be running NGINX on Unraid but if you are using some other alternative Linux based operating system then this example should still work.
NGINX version: This is optional but if you want to know what version of NGINX you are running then do the following:
- Open the NGINX console
- In the console type nginx -v then [enter]
- Open NGINX.
- Click on SSL Certificates then Add SSL Certificate then Let's Encrypt.
- Add your Sub-domain Name and other required information then submit request.
- Your SSL certificate and files are returned by Let's Encrypt and available in NGINX.
- Email address.
- Turn ON "Use a DNS Challenge".
- Select DNS Provider "DuckDNS".
- In "Credentials File Content" enter your DuckDNS token.
- Click on "I Agree to the Let's Encrypt Terms of Service".
- Click on "Save".
- cert1.pem
- chain1.pem
- fullchain1.pem
- privkey1.pem
High Level Process
Step by Step Process
Step 1: Open NGINX.
Step 2: Click on SSL Certificates --> Add SSL Certificate --> Let's Encrypt.
Step 3: Add your Sub-domain Name
Enter your DuckDNS SubDomain Name with a prefix of *. and click on Add.
DuckDNS token: Have the token for your DuckDNS subdomain ready as this is required to get your SSL certificate.
Then enter:
Step 4: A SSL certificate will be created by Let's Encrypt. As the SSL certificate isn't yet being used it has a status of "Inactive".
Mission accomplished! You have a wildcard SSL certificate for your DuckDNS sub-domain.
Please support this channel: Have I saved you minutes, hours or even days of scouring the internet to find an actual working solution.
It takes me time and effort to both find a working solution and then write everything up. Please consider buying me a coffee so I can keep producing useful content, especially if I've made your life easier. Cheers!
Start using your SSL certificate: As the certificate was created using NGINX you can now use the certificate you created to add a Proxy Host.
Conversely, you can download the SSL certificate files if you are using NGINX as a tool to request the SSL certificates to be used elsewhere.
Downloaded SSL certificate files: At the time this post was written the downloaded zip files contains the following:
0 Comments