Letsencrypt Wildcard SSL with DigitalOcean DNS

I share how to generate a wildcard SSL certificate for your domain using DigitalOcean as the DNS provider.

Create an API token in DigitalOcean
https://cloud.digitalocean.com/account/api/tokens?

On the server, create a file anywhere you like (it should be kept secret), and put this in it:

dns_digitalocean_token = your_digitalocean_token_copied_from_above_step

Install the DigitalOcean DNS plugin for Certbot/Letsencrypt on your server.

pip3 install certbot-dns-digitalocean

If you don’t have pip3 installed, install it with sudo apt install python3-pip

Note: I didn’t find pip (which uses Python 2 to work)

Finally, generate your SSL certificate. If a certificate for the domain already exists, simply delete it using
sudo certbot delete and choose the certificate/domain you want to delete.

To generate the SSL, enter

sudo certbot certonly --dns-digitalocean --dns-digitalocean-credentials /home/username/.secrets/certbot/digitalocean.ini --server https://acme-v02.api.letsencrypt.org/directory -d example.com -d '*.example.com'
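
The credentials-file step above, as an added example that is not part of the original post: a POSIX shell helper that writes the token file readable only by its owner and checks it before Certbot is run, since Certbot warns about credentials files other users can read. The function names are hypothetical; the key name and the path in the usage comment are the ones shown above.

```shell
#!/bin/sh
# Added example: owner-only credentials file for certbot-dns-digitalocean.
# Function names are hypothetical; the key name is the one shown above.

# write_do_credentials FILE: reads the token from stdin, not argv, so it
# stays out of shell history and the process list.
write_do_credentials() (
    file=$1
    if [ -t 0 ]; then                       # interactive: prompt without echo
        printf 'DigitalOcean API token: ' >&2
        stty -echo; IFS= read -r token; stty echo; echo >&2
    else
        IFS= read -r token
    fi
    [ -n "$token" ] || { echo "empty token, nothing written" >&2; exit 1; }
    umask 077                               # no group/other bits on new files
    mkdir -p "$(dirname "$file")" || exit 1
    rm -f -- "$file"                        # an old copy may have looser modes
    printf 'dns_digitalocean_token = %s\n' "$token" > "$file"
)

# check_do_credentials FILE: succeeds only if FILE is mode 600/400 and
# contains a non-empty dns_digitalocean_token entry.
check_do_credentials() (
    file=$1
    [ -f "$file" ] || { echo "missing: $file" >&2; exit 1; }
    # GNU stat first, BSD stat as fallback
    mode=$(stat -c '%a' "$file" 2>/dev/null || stat -f '%Lp' "$file")
    case $mode in
        600|400) ;;
        *) echo "unsafe mode $mode on $file, run: chmod 600 $file" >&2; exit 1 ;;
    esac
    grep -Eq '^dns_digitalocean_token[[:space:]]*=[[:space:]]*[^[:space:]]+' "$file" ||
        { echo "no dns_digitalocean_token entry in $file" >&2; exit 1; }
)

# Usage, with the path from the certbot command above:
#   write_do_credentials /home/username/.secrets/certbot/digitalocean.ini
#   check_do_credentials /home/username/.secrets/certbot/digitalocean.ini
```

Run the check before each certbot invocation; a non-zero exit means the file is missing, readable by others, or has no token entry.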

All the best. See y’all in the next one.