Request Let's Encrypt wildcard certificate

Published at 02 Oct 2024

Let's Encrypt provides free SSL certificates. One of the certificate types you can request is a wildcard certificate.

A wildcard certificate lets you use it for all the subdomains you want. Without this certificate type, you would need to create a new certificate for each subdomain.

This certificate uses a DNS challenge to verify that you own the base domain.

You'll learn how to request this certificate type to use in your projects.

Install certbot

First, we need to get the latest version of Let's Encrypt certbot.

snap install core; snap refresh core
apt-get remove certbot
snap install --classic certbot
ln -s /snap/bin/certbot /usr/bin/certbot

Request a new certificate

Keep in mind that you must specify both the base domain and the wildcard one. If you forget to include the base one, it won't be included in the certificate.

certbot certonly \
    --manual \
    --preferred-challenges=dns \
    --server https://acme-v02.api.letsencrypt.org/directory \
    --agree-tos \
    -d sertxudeveloper.com \
    -d '*.sertxudeveloper.com'
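
To confirm that an issued certificate really covers both names, the following added example (not part of the original post) checks a hostname against a SAN list the way TLS clients match wildcards, where `*` stands for exactly one label. The function name `san_covers`, the `cert.pem` placeholder and the sample SAN lines are constructed for illustration.

```sh
#!/bin/sh
# Added example. Checks whether a hostname is covered by a certificate's
# SAN entries, given as "DNS:name, DNS:name" (the DNS: line printed by
# `openssl x509 -in cert.pem -noout -ext subjectAltName`; cert.pem is a placeholder).

# san_covers "<SAN line>" "<hostname>": exit status 0 if covered, 1 if not.
san_covers() (
    set -f      # SAN entries contain '*': keep the shell from globbing them
    host=$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]')
    IFS=','
    for entry in $1; do
        name=$(printf '%s' "$entry" | tr -d ' \t' | tr '[:upper:]' '[:lower:]')
        case $name in
            dns:*) name=${name#dns:} ;;
            *)     continue ;;          # ignore non-DNS entries
        esac
        case $name in
            \*.*)
                suffix=${name#\*}       # "*.example.com" -> ".example.com"
                case $host in
                    *"$suffix")
                        label=${host%"$suffix"}
                        # '*' stands for exactly one non-empty label
                        case $label in
                            ''|*.*) ;;
                            *) exit 0 ;;
                        esac ;;
                esac ;;
            *)
                if [ "$name" = "$host" ]; then exit 0; fi ;;
        esac
    done
    exit 1
)

# Constructed SAN lines: wildcard only vs. base + wildcard (as requested above).
WILD_ONLY='DNS:*.sertxudeveloper.com'
BOTH='DNS:*.sertxudeveloper.com, DNS:sertxudeveloper.com'

for h in sertxudeveloper.com www.sertxudeveloper.com a.b.sertxudeveloper.com; do
    for san in "$WILD_ONLY" "$BOTH"; do
        if san_covers "$san" "$h"; then r=covered; else r="NOT covered"; fi
        printf '%-26s %-55s %s\n' "$h" "[$san]" "$r"
    done
done
```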

Keep in mind that this certificate won't be able to renew by itself because of the DNS challenge.

To solve this, you might want to connect the Let's Encrypt certbot to your DNS provider, in my case Cloudflare.

If you also use Cloudflare's DNS, you can follow this guide in order to connect Let's Encrypt with Cloudflare: https://sertxu.dev/blog/using-lets-encrypt-with-cloudflare-dns