Generate Wildcard SSL Certificate from Let’s Encrtpt with Posh-ACME

Steps to generate wildcard SSL certificate from Let’s Encrypt with Posh-ACME for my lab

  1. Get the API Key & Secret Key from DNS Made Easy to update the TXT record automatically

  1. Install Posh-ACME
Install-Module -Name Posh-ACME
  1. Prepare the API & Secret Key obtained
#Prepare the SecretKey & API Key for DNS Made Easy

# On Windows, prompt for the SecureString secret
$DmeSecret = $SecreatKey | ConvertTo-SecureString -AsPlainText -Force
$DmeParams = @{ DMEKey=$APIKey; DMESecret=$DmeSecret }
  1. Request wildcard SSL Certificate from Let’s Encrypt (It will take estimated 5 minute to complete)
# Request the cert
New-PACertificate * -AcceptTOS -DnsPlugin DMEasy -PluginArgs $dmeParams -Contact -PfxPass "P@ssw0rd!@#$"
    Please review the Terms of Service here:

    Subject           NotAfter              KeyLength Thumbprint                               AllSANs         
    -------           --------              --------- ----------                               -------         
    CN=* 18/11/2019 6:48:05 PM 2048      A7C5F60CCFC41BA4279F7E5F3BE018D944B2E350 {*}
  1. Go to %LOCALAPPDATA%\Posh-ACME to verify the SSL Certificate are generated successfully

  1. Renewal – Only can test and verify after the SSL Cert is expired (After 90 Days)
    WARNING: Order for * is not recommended for renewal yet. Use -Force to override.

Reference Links
* PowerShell-Posh-ACME