{"id":1046,"date":"2021-01-03T00:20:26","date_gmt":"2021-01-03T06:20:26","guid":{"rendered":"http:\/\/www.schwie.com\/brad\/?p=1046"},"modified":"2022-06-21T12:40:18","modified_gmt":"2022-06-21T18:40:18","slug":"macos-server-and-wildcard-certificates","status":"publish","type":"post","link":"https:\/\/www.schwie.com\/brad\/?p=1046","title":{"rendered":"macOS Server and Wildcard Certificates"},"content":{"rendered":"In a bid to bring automatic wildcard renewal of SSL <a href=\"https:\/\/letsencrypt.org\/getting-started\/\">letsencrypt certificates<\/a> to my Mac mini running macOS Server, I used <a href=\"https:\/\/ericfromcanada.github.io\/output\/2019\/automatic-renewal-lets-encrypt-macos-server.html\">Eric&#8217;s instructions<\/a> and only tweaked one line in the section &#8220;Creating the certificate&#8221; by changing this line:<br><p>\r\n\r\n<p>sudo certbot certonly &#8211;standalone -d server.internal.company.ca<br><p>\r\n\r\nto this line:<br><p>\r\n\r\nsudo certbot certonly &#8211;manual &#8211;preferred-challenges=dns &#8211;email admin@company.ca &#8211;server https:\/\/acme-v02.api.letsencrypt.org\/directory &#8211;agree-tos -d *.company.ca<br><p>\r\n\r\nWhen &#8211;preferred-challenges=dns is used, I had to create a TXT record with my registrar, but after you doing this once for each domain it shouldn&#8217;t be necessary again. I&#8217;ll report back when I know the rest of Eric&#8217;s scripts are working.\r\n<p>\r\n** Update 1-28-2022 ** <P>\r\nI switched to using Bernard Teo&#8217;s Webmon, OpenVPN, and letsencrypt and I couldn&#8217;t be happier. I&#8217;ll do a follow-up post\/review on my experience soon.","protected":false},"excerpt":{"rendered":"<p>In a bid to bring automatic wildcard renewal of SSL letsencrypt certificates to my Mac mini running macOS Server, I used Eric&#8217;s instructions and only tweaked one line in the section &#8220;Creating the certificate&#8221; by changing this line: sudo certbot &hellip; <a href=\"https:\/\/www.schwie.com\/brad\/?p=1046\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1046","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/www.schwie.com\/brad\/index.php?rest_route=\/wp\/v2\/posts\/1046","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.schwie.com\/brad\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.schwie.com\/brad\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.schwie.com\/brad\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.schwie.com\/brad\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1046"}],"version-history":[{"count":9,"href":"https:\/\/www.schwie.com\/brad\/index.php?rest_route=\/wp\/v2\/posts\/1046\/revisions"}],"predecessor-version":[{"id":1379,"href":"https:\/\/www.schwie.com\/brad\/index.php?rest_route=\/wp\/v2\/posts\/1046\/revisions\/1379"}],"wp:attachment":[{"href":"https:\/\/www.schwie.com\/brad\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1046"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.schwie.com\/brad\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1046"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.schwie.com\/brad\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1046"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}