How to add Letsencrypt wildcard to all subdomains

I am trying to include all subdomains in my letsencrypt certificate for a single domain. According to threads on this forum they should be added autuomatically using acme v02, but that is seemingly not the case for me.
I am using certbot 0.28.0-1~deb9u3 on Debian 9.

The renew file for the domain is included below:
# renew_before_expiry = 30 days
version = 0.28.0
archive_dir = /etc/letsencrypt/archive/<domain>
cert = /etc/letsencrypt/live/<domain>/cert.pem
privkey = /etc/letsencrypt/live/<domain>/privkey.pem
chain = /etc/letsencrypt/live/<domain>/chain.pem
fullchain = /etc/letsencrypt/live/<domain>/fullchain.pem

# Options used in the renewal process
[renewalparams]
account = c48faf153accad0721c0759af4412db7
authenticator = webroot
webroot_path = /usr/local/ispconfig/interface/acme,
server = https://acme-v02.api.letsencrypt.org/directory
rsa_key_size = 4096
[[webroot_map]]
<aliasdomain1> = /usr/local/ispconfig/interface/acme
<aliasdomain2> = /usr/local/ispconfig/interface/acme
<aliasdomain3> = /usr/local/ispconfig/interface/acme
<aliasdomain4> = /usr/local/ispconfig/interface/acme
<domain> = /usr/local/ispconfig/interface/acme
www.<domain> = /usr/local/ispconfig/interface/acme
<aliasdomain5> = /usr/local/ispconfig/interface/acme
<aliasdomain6> = /usr/local/ispconfig/interface/acme
space.<domain> = /usr/local/ispconfig/interface/acme

 

I shared my howto on how to use certbot to get wildcard LE SSL certs at: https://www.howtoforge.com/communit...via-certbot-dns-validation-in-acme-v02.79049/

Using acme.sh should be easier if compared to certbot on this but do ask in that thread if you have any question about how to implement it.

 

Awesome! Are there any plans on implementing this into a near-future version of ispconfig?

 

Not in the near future, I think. May be 3.3 or above as we need to study changes in 3.2 and have the general structure acceptable by the key developers before we re-write and contribute the code for it.

To note, Letsencrypt SSL certs issuance process is not a main concern as the needed features are already there and are working good, and as such, the enhancement of the same, will be a very low priority for now.