How to Generate a Wildcard SSL Certificate Using acme.sh (DNS Manual Mode)
This guide walks you through installing acme.sh and generating a wildcard SSL certificate for your domain (vergecloud.cloud) using ZeroSSL with manual DNS verification.
Prerequisites
A domain name (e.g. vergecloud.cloud)
Access to your DNS provider to add TXT records
macOS Terminal (or any Unix-like shell)
Step 1: Install acme.sh
Open your terminal and run the following command to install acme.sh, a lightweight and fully functional ACME protocol client used to issue SSL certificates from providers like Let's Encrypt and ZeroSSL:
curl https://get.acme.sh | sh -s email=my@example.com
Step 2: Issue the Certificate (Manual DNS Validation)
Run the following command to request a wildcard SSL certificate:
acme.sh --issue --dns -d vergecloud.cloud -d '*.vergecloud.cloud' --yes-I-know-dns-manual-mode-enough-go-ahead-please
You will be prompted with TXT DNS records to add
It may take a few minutes for the changes to propagate.
Verify using Dig or DNS Checker:
Once the TXT records are live:
acme.sh --issue --dns -d vergecloud.cloud -d '*.vergecloud.cloud' --yes-I-know-dns-manual-mode-enough-go-ahead-please --renew
You’ll see a successful verification and certificate download message:
Step 4: Locate Your Certificate Files
After successful issuance, the certificate files are saved in:
Conclusion
acme.sh with manual DNS validation offers a flexible way to generate wildcard SSL certificates, especially when DNS APIs aren't available. Though it requires manual DNS setup, it's reliable for securing your domain and subdomains. Once configured, it supports easy renewals and broad server compatibility.
Related Articles
SSL Certificate
HTTPS Configuration with VergeCloud In this section, you'll learn how to manage the connection protocol between users and your website via VergeCloud's CDN edge servers. You can adjust settings related to HTTPS for content delivery, including ...Activate Free SSL Certificate
VergeCloud SSL Certificate This document explains how to secure your website with a free VergeCloud SSL certificate, which is valid for a duration of 90 days. After this period, certificate will automatically renew the certificate without incurring ...Custom SSL Certificate
Custom SSL Certificate You can continue utilizing your custom SSL certificate by navigating to the VergeCloud HTTPS Settings. Introduction Custom SSL certificates are essential for securing data transmitted over the internet. With VergeCloud, users ...DNS Setup
Add/Edit DNS Records Changing your domain’s NS to those defined by VergeCloud activates your domain’s DNS service. All your DNS records must be entered into your VergeCloud account to be resolved by VergeCloud. This ensures that your subdomains load ...Steps to Build an SSL Certificate Trust Chain
Why SSL Certificate Trust Chain Is Important? To ensure your website operates smoothly with HTTPS across all browsers and devices, it's essential to implement an SSL Certificate Trust Chain instead of using just one certificate. What You Need ...