To enable a Letsencrypt wildcard certificate do the following steps
Create NEW wildcard certificate
1a. Create a DNS entry *.[DOMAIN_NAME].[DOMAIN_EXTENSION]
for example *.plaatsoft.nl
2a. Run following certbot command to create a wildcard certificate
sudo certbot certonly -d ‘*.[DOMAIN_NAME]’ –manual
3a. Certbot will ask you to add an extra DNS entry (TXT) with a unique token
Add this record in your DNS
4a. Check with dig tool if DNS record is available (This can take some time)
sudo dig _acme-challenge.[DOMAIN_NAME].[DOMAIN_EXTENSION]
5a. Press “yes”. Then wildcard certifate is created
6a. Add new certificate to Apache or HaProxy.
7a. Case closed
UPGRADE existing wildcard certifcate
1b. Remove DNS TXT record (Updating it does not work, is my experience)
2b. Check with dig tool if DNS record is really removed (This can take some time)
sudo dig _acme-challenge.[DOMAIN_NAME].[DOMAIN_EXTENSION]
3b. Go to Step 2a