Let’s Encrypt Wildcard Certificates Are Now Available

In July of last year, Let's Encrypt announced that it would begin issuing Wildcard certificates for free in January of 2018. Although a little late, the organization has announced that Wildcard certificate support is now live.

In addition to these certificates, the organization has updated its ACME protocol to version 2.0. ACMEv2 is required for clients that want to use Wildcard certificates.

Wildcard certificates enable site administrators to secure all sub domains with a single certificate. This can be especially convenient for WordPress Multi-site networks.

Let's Encrypt is working on transitioning all clients and subscribers to ACMEv2, though it hasn't set a time table on when it will expire the ACMEv1 API.

In July of 2017, Let's Encrypt was securing 47 million domains. Today, the organization is securing nearly 70 million domains with 54 million certificates. In the United States, nearly 80% of sites loaded in Firefox are through HTTPS.

Let's Encrypt is an open certificate authority that's part of the non-profit Internet Security Research Group. It's mission is to make 100% of the web HTTPS. Operations are financed through sponsors and donations. If this is a mission you believe in, please consider donating to the project.

15 Comments


  1. Great news!

    Anyone got any news on securing subdomains with dots / sub-subdomains with Let’s Encrypt – or did I totally miss it and it is already possible?

    Report


    1. Do you mean a subdomain of a subdomain? If so, i thought those were covered within the wildcard certificate.

      Report


      1. A wildcard certificate only covers the first level subdomain *.foo.com. If you have a bunch of sub-subdomains, then you need a second wildcard to support those: *.*.foo.com.

        Report


  2. Definitely great news!

    Will probably make moving sites between servers easier too (something I ran into recently)

    Report


  3. And about Mapped Domains to those subdomains?

    Report


    1. Mapped domains are a WordPress thing. That’s not related to Letsencrypt. You’d just need to setup the certificate like any other domain within Letsencrypt and it’ll work just fine.

      Report


  4. Is there an easy way to add Let’s Encrypt to a WordPress site with a company that does not have the easy install setup for their clients? I’m using Domains Priced Right and they don’t have it so I can just do quick install. Is it something that can be done with FTP?

    Report


    1. No.

      If you’re Hosting provider doesn’t support Let’s Encrypt (yet), you can’t get it yourself, unless you’re already managing the server in your own

      Report


  5. Oh Wow…bummer. Are there any future plans to make it an auto install for cases like mine where the hosting company wont support?

    Report


    1. As far as I can tell this is technically not possible. Getting https has to come from your hoster, as it needs changes in the server configuration.

      At least in Germany we see very good acceptance of Let’s Encrypt and https in general. I think almost all major hosters now provide free SSL through Let’s Encrypt.

      Report


    2. If your host doesn’t support free https certificates, then you either need to buy a certificate (either from them or from somewhere else) or switch providers. If they don’t support https certificates at all, then run, as that’s a horrendous web host.

      Report


    1. It is time to change the hosting company. Nowdays, it is rather simple process, and many hosting companies have Let’s Encrypt, and will help you migrate website for free.

      Report


  6. anyone know of a hosting company with wildcard supported for wordpress multisites?

    Report

Comments are closed.