Is it possible to issue Let's Encrypt wildcard certificates over CLI?
Answer
Since SSL It! 1.4.0 it is possible to issue wildcard certificate via CLI using the following steps:
-
Connect to the server via SSH
-
Prepare:
# plesk ext sslit --certificate -issue -domain example.com -registrationEmail [email protected] -secure-domain -wildcard
(in case it is required to include SSL/TLS certificate for mail add
-secure-mailparameter to the command ).The output will get the following:
- status: pending
- message: Started issuing a wildcard SSL/TLS certificate from Let's Encrypt for the domain example.com.
- domainName: example.com
- dnsRecordType: TXT
- dnsRecordHost: _acme-challenge
- dnsRecordValue: E5QxxfidIhwnyTJUiJ7AhZjluy1JEbmCsoA9K0pvFUg
- release: obsidian -
In case DNS is not managed by Plesk, add/update the
_acme-challenge.example.com'TXT' record with the challenge fromdnsRecordValueon registrar side; -
When the required TXT was added and could be resolved externally, complete the request:
# plesk ext sslit --certificate -issue -domain example.com -registrationEmail [email protected] -continue