How To Enable Wildcard For Subdomains Of A Domain With SSL
This is a step-by-step guide on how to enable wildcard for subdomains of a domain. When following this guide, replace example.com with your actual domain name.
1. Enable wildcard for domain name in DNS record
Add a DNS record for *.example.com that points to your server.
2. Generating The SSL for wildcard
Make sure you have certbot version 0.31.0 or greater installed; check the version with the command certbot --version
Obtain the SSL certificates using the command given below. The wildcard name is quoted so that the shell passes it to certbot unchanged instead of trying to expand it as a filename pattern.
sudo certbot --server https://acme-v02.api.letsencrypt.org/directory -d '*.example.com' -d example.com --manual --preferred-challenges dns-01 certonly
Before pressing Enter to continue, make sure the DNS TXT record has been updated successfully, using the command
dig -t txt domainProvidedByCertBot
For example
dig -t txt _acme-challenge.example.com
The above command works on Linux and macOS.
When you press Enter, you get the locations of the wildcard certificate files. Copy these locations because you need to put them in the vhost file.
4. Change Default vhost
To find the default vhost on the apache2 server, run the following command
apache2ctl -S | grep default
The one which is working on port 443 is your default server.
To change the default vhost, first disable the current default vhost using the command
sudo a2dissite default.vhost.conf
Now create a new vhost file. Its name should sort alphabetically before any other enabled site on the server.
Now enable the new configuration using the command
sudo a2ensite example.com.conf
Now you can re-enable the previous default vhost.
To confirm that the default vhost has changed, run the command again
apache2ctl -S | grep default
3. Configuring Default vhost
In the vhost file, replace its SSL certificates with the newly generated wildcard SSL certificates.
It will look like this
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
In the ServerAlias directive, add *.example.com
4. Apply New Configurations By Restarting Apache2 Service
Test whether you applied all the configurations correctly using the command
apache2ctl configtest
If you see Syntax OK in the output, you are ready to restart the apache2 service. Run the following command
sudo service apache2 restart
5. Test If It Works
If everything went as planned, visiting anything.example.com should now show the homepage of your main domain.
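As an added example (not part of the original guide), the shell functions below check which hostnames a certificate's subjectAltName list covers. A wildcard entry stands for exactly one left-most label, which is why the certbot command requests both *.example.com and example.com. The function names and the sample openssl output are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original guide. Sample data below is constructed.

# parse_sans: read `openssl x509 -noout -ext subjectAltName` output on stdin
# and print one DNS name per line.
parse_sans() {
    tr ',' '\n' | sed -n 's/^[[:space:]]*DNS://p'
}

# san_covers HOST LIST: succeed if HOST is covered by the newline-separated
# SAN LIST. A wildcard entry matches exactly one extra left-most label.
san_covers() {
    host=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    list=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
    while IFS= read -r san; do
        case "$san" in
            \*.*)
                suffix=${san#\*}              # e.g. ".example.com"
                case "$host" in
                    *"$suffix")
                        label=${host%"$suffix"}
                        case "$label" in
                            ''|*.*) ;;        # apex or deeper name: no match
                            *) return 0 ;;
                        esac ;;
                esac ;;
            "$host") return 0 ;;              # exact (non-wildcard) entry
        esac
    done <<EOF
$list
EOF
    return 1
}

# Live check (needs network), with your own domain in place of example.com:
#   openssl s_client -connect example.com:443 -servername anything.example.com \
#     </dev/null 2>/dev/null | openssl x509 -noout -ext subjectAltName | parse_sans

# Constructed sample of the openssl output for the certificate requested above.
SAMPLE='X509v3 Subject Alternative Name:
    DNS:*.example.com, DNS:example.com'

report() {   # report HOST LIST: print whether HOST is covered
    if san_covers "$1" "$2"; then echo "$1 covered"; else echo "$1 NOT covered"; fi
}

CERT_SANS=$(printf '%s\n' "$SAMPLE" | parse_sans)
for h in example.com anything.example.com a.b.example.com; do report "$h" "$CERT_SANS"; done
report example.com '*.example.com'   # what you would get without "-d example.com"
```

A name reported as NOT covered will produce a certificate warning in browsers even though the wildcard DNS record and the ServerAlias send the request to this vhost.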
6. If You Ran Into Issues Then These Articles Might Help
Shivendra Kumar