Question posted in 
This is for a .dev domain name
I know how to install a wildcard certificate on a domain name with Let’s encrypt
I install Certbot and run this command
sudo certbot certonly --manual --preferred-challenges dns --server https://acme-v02.api.letsencrypt.org/directory --manual-public-ip-logging-ok -d '*.example.dev' -d example.dev
The SSL certificate is intalled correctly I can see *.example.dev in the certificate but the connection is not “Secure” and all .dev domain name needs to have a valide SSL certificate to access the website.
How can I resolve this issue?
Thanks
2
Answers
The registry (Google) for
.DEVjust mandates you to have a certificate, as normally explained by your registrar during checkout/transfer of your domain name.Why?
Because Google added
.DEV(and some others of its TLDs) to the HSTS preloading list, which means that browsers will never attempt HTTP queries to.devwebsites, only HTTPS one.But besides that it changes nothing on what happens during the TLS handshake in the HTTPS exchange, so that certificates are validated exactly as any other cases/TLDs.
So, you can use a wildcard.
Besides that you are not giving actual data, such as the name, so it is difficult to help you (you should then try things yourself with
wgetandcurland also look at your console/debug window inside the browser), and your question is kind of offtopic here as not related to programming.There are publicly trusted certificates in use which have wildcards for
*.whatever-domain.dev. For examplewww.google.devhas a certificate with*.google.devand other wildcards inside. Thus, it is more likely a wrong configuration on your side.