ref:
https://certbot.eff.org/lets-encrypt/ubuntuxenial-apache.html
https://community.letsencrypt.org/t/getting-wildcard-certificates-with-certbot/56285
0.准备
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you’ll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install python-certbot-apache
要求:certbot 0.22以上
开始使用
1.通配符证书申请
./certbot-auto certonly --manual -d *.mking007.com -d example.com --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory
申请过程中需要修改DNS的TXT记录
验证TXT记录:
dig _acme-challenge.mking007.com txt