Configure SSL certificates for your sites.
*.domain.com, domain.com
. Let’s Encrypt only supports the dns-01
challenge type when issuing wildcard certificates, so you will need to provide API credentials for your DNS provider.
Forge currently supports the following Let’s Encrypt wildcard DNS providers:
Zone.Zone.Read
and Zone.DNS.Edit
permissions. In addition, the token must have permissions on all zones attached to your Cloudflare account.
staging.api.example.com
), this universal certificate will not cover those domains and may cause an ERR_SSL_VERSION_OR_CIPHER_MISMATCH
error. If your application requires multiple nested subdomains, we recommend you disable Cloudflare proxying and use a traditional SSL certificate for your Forge site.
route53:ChangeResourceRecordSets
permission on your domain’s hosted zone. In addition, the user must have the route53:GetChange
and route53:ListHostedZones
permissions.
site:manage-ssl
permission.