To use wildcard SSL certificates, you'll need to add the wildcard domain to your application. A wildcard domain looks like "*.example.org"

The Wildcard SSL settings are hidden by default but will appear after you enter a wildcard domain.

After entering the wildcard domain...

LetsEncrypt needs to verify you own the domain, so you'll need to add your API token and DNS host to your app's Domain settings. The token will need write access as Hatchbox will need it to write DNS records for you to prove you own the domain.

Once you do this, Caddy will use this to verify the domain on your DNS host and will generate the wildcard SSL certificate once it's verified.

You can view the Caddy logs on the load balancer or web server page to see the status of your SSL certificate generation.

Note: If you are using DNSimple, make sure you are on the Team plan in order to have access to the wildcard feature.

Allowed IPs
Some APIs require you to allow specific IP addresses when using their API. Hatchbox will use the following IP address(es):