Free Let’s Encrypt Wildcard SSL Certificate at RunCloud

Today, we are thrilled to announce that RunCloud supports Let’s Encrypt Wildcard certificates at not extra cost for Pro plan customers.
One of the many features of RunCloud is ability to issue free Let’s Encrypt SSL certificates for all of your web applications. The RunCloud team has been working tirelessly to bring the recently released Let’s Encrypyt Wildcard certificates feature to our customers.

What is Wildcard SSL certificate?

A Wildcard SSL certificate saves you time and money (free, if you use RunCloud) by securing an unlimited number of sub-domain websites with HTTPS on the same single SSL certificate of the primary domain.
For Example:
A single wildcard certificate for https://*.example.com will secure all these subdomains (and any other subdomain):

  • payment.example.com
  • contact.example.com
  • secure-login.example.com
  • www.example.com

Instead of needing a separate SSL certificate for each subdomain, you can use a single Wildcard certificate for all the subdomains of the primary domain for which the certificate is issued. This is especially convenient for projects like WordPress Multisite networks.

Let’s Encrypt Agent update

With this Let’s Encrypt Wildcard certificate support update, the certbot agent is no longer needed to run on your RunCloud deployed server.
Before this Certbot was used to automate SSL certificate issuance and installation on your servers. Now it has been replaced by the runcloud-letsencrypt service from RunCloud, which means installating an SSL certificate no longer uses any of your server’s resources.

How to enable RunCloud Wildcard SSL certificate

Step 0:
Add a wildcard subdomain DNS record type A that point to your RunCloud server’s IP address. Then, get your DNS API key. Currently, RunCloud supports 3rd party API keys from Cloudflare, Linode, and Digital Ocean. Please refer to your DNS provider for help.
Step 1:
Go to your RunCloud profile settings 3rd Party API Key to add your DNS provider API key.
RunCloud add third party API key for wildcard ssl certificate
Step 2:
Add a wildcard sub-domain name (*.yourdomain.com) to the web application which will be secured by the Wildcard certificate.
Step 3:
Go to your web application’s SSL/TLS setting and remove any currently existing SSL/TLS certificates.
RunCloud wildcard ssl certificate
In order to use a Wildcard certificate, choose dns-01 for the authorization method. You will then need to select the third party DNS provider API which you added previously in Step 1 above.
You also have the option of either Live or Staging for the Let’s Encrypt environment. Live is for production sites; Staging is signed by fake certificate agent for testing purposes only.
It will take less than 5 minutes to authorize your domain for the web application and deploy the Wildcard certificate.
Step 4:
Now ANY subdomain of your web application (blabla.yourdomain.com, asdf.yourdomain.com, etc.yourdomain.com, …) is secured by a valid Wildcard SSL certificate and will use the HTTPS protocol by default.
check wildcard ssl certificate using certificate viewer
You can check your wildcard certificate via your web browser’s certificate viewer. Notice the “Certificate Subject Alternative Name”, the value should includes your domain name and the wildcard subdomain.
We hope you enjoy the free Let’s Encrypt Wildcard certificates. Please let us know how will use it in the comments. Also, feel free to write to us if you have any suggestions on how we can improve our implementation.
Let’s encrypt has changed the face of the internet, just as RunCloud is changing how easy it is to manage cloud infrastructure for web applications. RunCloud offers Let’s encrypt for free and so much more, sign up for your free trial today and see what we can do for you.

Share This On
Share on facebook
Share on twitter
Share on linkedin
Share on reddit

11 thoughts on “Free Let’s Encrypt Wildcard SSL Certificate at RunCloud”

  1. Raghu Veer Dendukuri

    DNSMadeEasy, is among the popular Authoritative / Secondary DNS Service Providers. I use DNSMadeEasy Service, for most of my websites I do appreciate, to see DNSMadeEasy, in the list of DNS Providers, that are supported on Runcloud, w.r.t. DNS Verification Approach for Let’sEncrypt HTTPS Certificate Generation.
    thank you

  2. also the signup for this blog is broken. It shows the error message “Your subscription could not be activated. It may have expired, or the email address you subscribed with is not attached to your WordPress.com account.”

  3. I’m about to deploy Lets Encrypt SSL following your instructions exactly but I get this big red message before submitting:

    “Please note that Linode DNS is highly unreliable to do dns-01 authorization method. Linode DNS only update your DNS changes every 30 minutes while Let’s Encrypt authorization only happen less than 2 minutes. If you are using Linode DNS and doing dns-01 method, most probably the Let’s Encrypt authorization will FAIL.”

    Why is it doing this and is it okay to proceed? Again, I have all settings exactly as you have outlined here.

    1. Liew CheonFong

      as mentioned in the message, Linode DNS update is slow (every 30 minutes) but Let’s Encrypt authorization happen less than 2 minutes. The different timing might result a fail Let’s Encrypt authorization. It is okay to proceed but not recommended.

Leave a Comment

Your email address will not be published. Required fields are marked *

You May Also Like