Yes, it supports HTTPS certificates for all subdomains. HTTPS for all has come. Are you excited?
For example: 123.qbbkj.com www.qbbkj.com, but 123.234.qbbkj.com is not supported
However, it is officially recommended to deploy a single domain name certificate.
Official website address
https://community.letsencrypt.org/t/acme-v2-and-wildcard-certificate-support-is-live/55579
Application for a single domain name certificate and this article is best to see my other blog post Automatically issue SSL certificates with certbot
Let's experience it first
1.DNS resolves a generic domain name
2. Use certbot to apply for a generic domain name
./certbot-auto --server https://acme-v02.api.letsencrypt.org/directory -d *.qbbkj.com -d qbbkj.com --manual --preferred-challenges dns-01 certonlyMy certbot version is 0.22 (0.20-->0.22)
It seems that it cannot be automatically applied with a single domain name. One is that DNS PLUGINS does not support Alibaba Cloud API, and the other is that we use the certbot tool (the official website is recommended to use this)
3. Manual process
Fill in the email address, agree to the service (A), do not participate (N), record the IP (Y), add a TXT record, success!
Note that when adding a TXT record, it is best to check whether your TXT record is valid before pressing Next
dig -t txt _acme-challenge.qbbkj.com @8.8.8.8
4. Configure the SSL configuration of nginx, and then enter https://123.qbbkj.com for verification.
Reference: https://certbot.eff.org/lets-encrypt/centosrhel7-nginx