To configure wildcard subdomains for Let's Encrypt SSL certificates in Laravel Forge, follow these steps:
1. Log into your Forge account and navigate to the site you want to set up the SSL certificate for.
2. Select the "SSL Certificates" tab for that site.
3. Click on the "Let's Encrypt (Beta)" button to begin the process.
4. For wildcard subdomains, list both the wildcard subdomain and the root domain (e.g. `*.domain.com, domain.com`). Let's Encrypt issues wildcard certificates only through the `dns-01` challenge type, so you must provide API credentials for a DNS provider that supports it.
5. Forge currently supports Let's Encrypt wildcard DNS integration with Cloudflare and Route53.
6. If using Cloudflare, your API token must have the `Zone.Zone.Read` and `Zone.DNS.Edit` permissions, and the token must have permissions on all zones attached to your Cloudflare account.
7. If using Route53, your IAM user must have the `route53:ChangeResourceRecordSets` permission on your domain's hosted zone, and the `route53:GetChange` and `route53:ListHostedZones` permissions.
8. Forge will automatically renew your Let's Encrypt certificates when they are 21 days or less from expiration, at a random day and time to avoid overwhelming the Let's Encrypt servers.
9. You must have an active Forge subscription for the Let's Encrypt certificates to automatically renew.
By providing the wildcard subdomain and root domain, and configuring the necessary DNS provider credentials, Forge can obtain and manage Let's Encrypt SSL certificates that cover your wildcard subdomains. This simplifies the process of securing your Laravel application with HTTPS.
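
As a check on the Route53 permissions in step 7, the following added example (not Forge's or AWS's code) audits an IAM policy document for the three listed permissions and flags wildcard actions or a `ChangeResourceRecordSets` grant that is not limited to one hosted zone. The function names, sample policies and zone ID are constructed for illustration, and only `Allow` statements with an `Action` key are evaluated.

```python
import json
from fnmatch import fnmatchcase

# The three Route53 permissions listed in the steps above (keys lower-cased for matching).
REQUIRED = {"route53:changeresourcerecordsets": "route53:ChangeResourceRecordSets",
            "route53:getchange": "route53:GetChange",
            "route53:listhostedzones": "route53:ListHostedZones"}
ZONE_PREFIX = "arn:aws:route53:::hostedzone/"

def as_list(value):
    return value if isinstance(value, list) else [value]

def audit_policy(policy_json):
    """Return (missing_permissions, findings) for an IAM policy document."""
    granted, findings = set(), []
    for stmt in as_list(json.loads(policy_json)["Statement"]):
        if stmt.get("Effect") != "Allow":
            continue
        hit = set()
        for pattern in as_list(stmt.get("Action", [])):
            # IAM action names are case-insensitive and may contain * and ?.
            matched = {k for k in REQUIRED if fnmatchcase(k, pattern.lower())}
            hit |= matched
            if "*" in pattern or "?" in pattern:
                findings.append(f"wildcard action {pattern} grants more than the listed permissions")
            elif not matched:
                findings.append(f"action {pattern} is not one of the listed permissions")
        granted |= hit
        if "route53:changeresourcerecordsets" in hit:
            for res in as_list(stmt.get("Resource", [])):
                zone_id = res[len(ZONE_PREFIX):] if res.startswith(ZONE_PREFIX) else ""
                if not zone_id or "*" in zone_id or "?" in zone_id:
                    findings.append(f"ChangeResourceRecordSets on {res} is not limited to one hosted zone")
    missing = sorted(REQUIRED[k] for k in REQUIRED.keys() - granted)
    return missing, findings

# Constructed sample policies; the hosted zone ID is a placeholder.
BROAD = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "route53:*", "Resource": "*"}]})
SCOPED = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "route53:ChangeResourceRecordSets",
     "Resource": "arn:aws:route53:::hostedzone/Z0EXAMPLEZONEID"},
    {"Effect": "Allow", "Action": ["route53:GetChange", "route53:ListHostedZones"],
     "Resource": "*"}]})

if __name__ == "__main__":
    for name, doc in (("broad", BROAD), ("scoped", SCOPED)):
        print(name, audit_policy(doc))
```

An empty result for both lists means the policy grants exactly the permissions listed for Route53, with record changes confined to a single hosted zone.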