Today, we are thrilled to announce that RunCloud supports Let’s Encrypt Wildcard certificates at not extra cost for Pro plan customers.

One of the many features of RunCloud is ability to issue free Let’s Encrypt SSL certificates for all of your web applications. The RunCloud team has been working tirelessly to bring the recently released Let’s Encrypyt Wildcard certificates feature to our customers.

What is Wildcard SSL certificate?

A Wildcard SSL certificate saves you time and money (free, if you use RunCloud) by securing an unlimited number of sub-domain websites with HTTPS on the same single SSL certificate of the primary domain.

For Example:

A single wildcard certificate for https://* will secure all these subdomains (and any other subdomain):


Instead of needing a separate SSL certificate for each subdomain, you can use a single Wildcard certificate for all the subdomains of the primary domain for which the certificate is issued. This is especially convenient for projects like WordPress Multisite networks.

Let’s Encrypt Agent update

With this Let’s Encrypt Wildcard certificate support update, the certbot agent is no longer needed to run on your RunCloud deployed server.

Before this Certbot was used to automate SSL certificate issuance and installation on your servers. Now it has been replaced by the runcloud-letsencrypt service from RunCloud, which means installating an SSL certificate no longer uses any of your server’s resources.

How to enable RunCloud Wildcard SSL certificate

Step 0:
Add a wildcard subdomain DNS record type A that point to your RunCloud server’s IP address. Then, get your DNS API key. Currently, RunCloud supports 3rd party API keys from Cloudflare, Linode, and Digital Ocean. Please refer to your DNS provider for help.

Step 1:
Go to your RunCloud profile settings 3rd Party API Key to add your DNS provider API key.

RunCloud add third party API key for wildcard ssl certificate

Step 2:
Add a wildcard sub-domain name (* to the web application which will be secured by the Wildcard certificate.

Step 3:
Go to your web application’s SSL/TLS setting and remove any currently existing SSL/TLS certificates.

RunCloud wildcard ssl certificate

In order to use a Wildcard certificate, choose dns-01 for the authorization method. You will then need to select the third party DNS provider API which you added previously in Step 1 above.

You also have the option of either Live or Staging for the Let’s Encrypt environment. Live is for production sites; Staging is signed by fake certificate agent for testing purposes only.

It will take less than 5 minutes to authorize your domain for the web application and deploy the Wildcard certificate.

Step 4:
Now ANY subdomain of your web application (,,, …) is secured by a valid Wildcard SSL certificate and will use the HTTPS protocol by default.

check wildcard ssl certificate using certificate viewer

You can check your wildcard certificate via your web browser’s certificate viewer. Notice the “Certificate Subject Alternative Name”, the value should includes your domain name and the wildcard subdomain.

We hope you enjoy the free Let’s Encrypt Wildcard certificates. Please let us know how will use it in the comments. Also, feel free to write to us if you have any suggestions on how we can improve our implementation.

Let’s encrypt has changed the face of the internet, just as RunCloud is changing how easy it is to manage cloud infrastructure for web applications. RunCloud offers Let’s encrypt for free and so much more, sign up for your free trial today and see what we can do for you.