Arvixe (Cpanel), Let’s Encrypt and Wilcard certificates

Great news, Let’s Encrypt now supports Wilcard certificates, the procedure is very similar to the one described in a previous post, with only a couple of differences.

First, we need to specify the ACME v2 compliant URL in the certbot command:

sudo certbot certonly --manual --preferred-challenges=dns --server

Then follow certbot instructions as usual, for domain names I used and *

Please enter in your domain name(s) (comma and/or space separated) (Enter 'c'
to cancel):, *
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for
dns-01 challenge for

Then, instead of using a file for authentication, we need to enter a new DNS TXT record, as instructed by certbot:

Please deploy a DNS TXT record under the name with the following value:


If you request only * then you need only one DNS TXT entry, if you install and * then you need two DNS TXT entries(Edit APR2020: only one DNS entry is now required, probably since a while but I have realised that only today). Note that you can’t add a third domain such as as it would be redundant. As explained on

Orders that contain both a base domain and its wildcard equivalent (e.g. * and are valid. In that case, there will be two authorization objects in the order for “”, one of which represents the wildcard validation and one of which represents the base domain validation. Redundant entries will produce an error. For instance, and order containing both * and would produce an error since the wildcard entry makes the latter redundant.

However, you will still be able to request separate certificates for subdomains, just that you can’t request them in the same session as your wildcard.

Then you can copy the .crt files to Arvixe using the Cpanel interface. You’ll have to install the same certificate (copy the same .crt file) for each of the subdomains you use with Arvixe.

Leave a Reply

Your email address will not be published. Required fields are marked *