Obtain a wildcard Let's Encrypt certificate
Use the manual plugin and DNS challenge in certbot to obtain a wildcard Let’s Encrypt TLS certificate. Subdomains only. You can only use this wildcard certificate on subdomains (e.g. www.example.com, mail.example.com). You cannot use it for the apex domain (e.g. example.com). Obtain a separate certificate for the apex domain. $ certbot certonly --manual --preferred-challenges dns -d '*.example.com' Create the TXT record as instructed by certbot. Before continuing, use dig or Google’s Dig tool to confirm the records is applied....