DNS Terms

Lance Watanabe
2 min read · Aug 25, 2022

Address Record (A Record): A DNS record that maps a domain name to an IPv4 address.

CNAME (Canonical Name): A record that points one domain name at another, such as a subdomain at its root domain. For example, the subdomain maps.google.com would have a CNAME value of google.com. Therefore, when a DNS resolver looks up maps.google.com, it triggers another DNS lookup for google.com.

Let’s Encrypt: A free certificate authority that issues SSL certificates.

HTTP-01 Challenge: This is the most common challenge type today. Let’s Encrypt gives a token to your ACME client, and your ACME client puts a file on your web server at http://<YOUR_DOMAIN>/.well-known/acme-challenge/<TOKEN>. That file contains the token, plus a thumbprint of your account key. Once your ACME client tells Let’s Encrypt that the file is ready, Let’s Encrypt tries retrieving it (potentially multiple times from multiple vantage points). If its validation checks get the right responses from your web server, the validation is considered successful and you can go on to issue your certificate. However, Let’s Encrypt doesn’t let you use this challenge to issue wildcard certificates. Also, if you have multiple web servers, you have to make sure the file is available on all of them.

DNS-01 Challenge: This challenge asks you to prove that you control the DNS for your domain name by putting a specific value in a TXT record under that domain name. It is harder to configure than HTTP-01, but can work in scenarios that HTTP-01 can’t. It also allows you to issue wildcard certificates. After Let’s Encrypt gives your ACME client a token, your client will create a TXT record derived from that token and your account key, and put that record at _acme-challenge.<YOUR_DOMAIN>. Then Let’s Encrypt will query the DNS system for that record.

Wildcard Domain: A DNS record that answers DNS requests for any subdomain you haven’t already defined. You can create wildcard A records and CNAME records by entering an asterisk in the Host field. For example, if you create the wildcard A record *.google.com and someone visits https://maps.google.com, their request will resolve to the IP address you specified as the answer.
