- Plesk Onyx for Linux
- Plesk Onyx for Windows
Is it possible to issue Let's Encrypt wildcard certificates over CLI?
Since SSL It! 1.4.0 it is possible to issue wildcard certificate via CLI using the following steps:
Connect to the server via SSH
# plesk ext sslit --certificate -issue -domain example.com -registrationEmail email@example.com -secure-domain -wildcard
(in case it is required to include SSL/TLS certificate for mail add
-secure-mailparameter to the command ).
The output will get the following:
- status: pending
- message: Started issuing a wildcard SSL/TLS certificate from Let's Encrypt for the domain example.com.
- domainName: example.com
- dnsRecordType: TXT
- dnsRecordHost: _acme-challenge
- dnsRecordValue: E5QxxfidIhwnyTJUiJ7AhZjluy1JEbmCsoA9K0pvFUg
- release: obsidian
In case DNS is not managed by Plesk, add/update the
_acme-challenge.example.com'TXT' record with the challenge from
dnsRecordValueon registrar side;
When the required TXT was added and could be resolved externally, complete the request:
# plesk ext sslit --certificate -issue -domain example.com -registrationEmail firstname.lastname@example.org -continue