Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[RFE] Support for wildcars #61

Open
e-minguez opened this issue Mar 28, 2018 · 4 comments

Comments

Projects
None yet
4 participants
@e-minguez
Copy link

commented Mar 28, 2018

It seems letsencrypt now supports wildcards so maybe the controller can handle the renewal of the wildcard and modify the router secret.

@tnozicka

This comment has been minimized.

Copy link
Owner

commented Mar 28, 2018

wildcard domains must be validated using the DNS-01 challenge type. This means that you’ll need to modify DNS TXT records in order to demonstrate control over a domain for the purpose of obtaining a wildcard certificate

requiring DNS validation only is not an easy start for us as that needs #41 first

@tnozicka

This comment has been minimized.

Copy link
Owner

commented Mar 28, 2018

But yes, Router is the main target here with wildcard support.

We also need client (library) support for v2 (golang/go#21081)

@djdevin

This comment has been minimized.

Copy link

commented Nov 30, 2018

assuming that verification works, what are the chances of having this work on multiple routes with the same certificate? i.e. not just one route that is a wildcard route

example, we have a ton of apps that use the default route so there's abc.example.com, def.example.com, etc

right now we have to request individual certificates for all of those, which works great. but we frequently exhaust limits since the base "account" to Let's Encrypt is the same

@computate

This comment has been minimized.

Copy link

commented Mar 15, 2019

It is possible to generate wildcard certs with certbot/letsencrypt, I do it every 3 months. I did it a few days ago. You just have to point it to an updated server like this one: https://acme-v02.api.letsencrypt.org/directory

get latest certs from certbot from DNS challenges.

sudo certbot -d example.com -d *.example.com -d *.apps.example.com -d example.org -d *.example.org -d *.apps.example.org –manual –preferred-challenges dns certonly –server https://acme-v02.api.letsencrypt.org/directory

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.