How to add a wildcard SAN to a certificate of a domain?
tukusejssirs opened this issue · 2 comments
I want to add Teleport to Nginx. I have found this guide; however, the first issue I have encountered is that I have no idea how to add a wildcard SAN to a certificate of a domain.
They suggest doing it using `certbot certonly -d teleport.example.com,*.teleport.example.com --dns-route53`. Now, that is clear to me, however, I am not sure how to do this in `docker-nginx-certbot`.
I have read Using a DNS-01 Authenticator for Specific Certificates Only. It sounds like it is what I am looking for, however, I am not sure how to create that DNS-01 authenticator. 🤔
Some notes:
- we are self-hosting both `docker-nginx-certbot` and Teleport (along with some other services in Docker containers) on the same server; `docker-nginx-certbot` is running in a Docker container (obviously);
- Teleport is running directly on the host, not in a Docker container;
- I have managed to get `docker-nginx-certbot` working for other services.
Thank you for your help and for the image you have created! 🙏
Hi tukusejssirs,
In the section above there is a list of all supported DNS plugins with links to the certbot documentation on how to configure them.
Then you can probably just add this to your server block:
server_name example.com *.example.com;
and make sure the correct authenticator is mentioned in the certificate name path which you see in the first section you mentioned.
Did you manage to get it working?
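
The certbot command quoted in the question requests both `teleport.example.com` and `*.teleport.example.com`. The following is an added example, not part of the thread or of docker-nginx-certbot, that checks which hostnames a SAN list covers under the usual TLS wildcard rule (the `*` stands for exactly one left-most label); the function names and the host list are constructed for illustration.

```python
"""Added example: check hostname coverage of a certificate's SAN list."""


def _labels(name):
    # Compare case-insensitively and ignore a trailing root dot.
    return name.rstrip(".").lower().split(".")


def san_matches(hostname, san):
    """True if one SAN entry covers hostname.

    A wildcard is honoured only as the whole left-most label and
    matches exactly one label, so it never covers the parent name
    itself or names nested more than one level deep.
    """
    host, pattern = _labels(hostname), _labels(san)
    if len(host) != len(pattern):
        return False
    if pattern[0] == "*":
        # Require a concrete domain under the wildcard and a non-empty label.
        return len(pattern) > 2 and host[0] != "" and host[1:] == pattern[1:]
    return host == pattern


def covered(hostname, sans):
    return any(san_matches(hostname, s) for s in sans)


def uncovered(hostnames, sans):
    """Return the hostnames that no SAN entry covers, in input order."""
    return [h for h in hostnames if not covered(h, sans)]


# SAN lists: the pair from the certbot command in the question, and the
# wildcard on its own for comparison.
BOTH_NAMES = ["teleport.example.com", "*.teleport.example.com"]
WILDCARD_ONLY = ["*.teleport.example.com"]

# Constructed hostnames to test against the SAN lists.
HOSTS = [
    "teleport.example.com",
    "app.teleport.example.com",
    "a.b.teleport.example.com",
]

if __name__ == "__main__":
    for sans in (BOTH_NAMES, WILDCARD_ONLY):
        print(sans, "does not cover", uncovered(HOSTS, sans))
```

With the wildcard alone, the base name `teleport.example.com` is not covered, which is why the certificate needs both entries.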