apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
  name: le-issuer
spec:
  acme:
    # The ACME server URL
    server: https://acme-v02.api.letsencrypt.org/directory
    # Email address used for ACME registration
    email: acme@gmem.ca
    # Name of a secret used to store the ACME account private key
    privateKeySecretRef:
      name: letsencrypt-pro
    # Enable the HTTP-01 challenge provider
    solvers:
    - selector:
        dnsZones:
          - "gmem.ca"
      dns01:
        cloudflare:
          apiTokenSecretRef:
            name: cloudflare-cert-api
            key: api-token
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: gmem-ca-wildcard
spec:
  secretName: gmem-ca-wildcard
  issuerRef: 
    kind: Issuer
    name: le-issuer
  commonName: "*.gmem.ca"
  dnsNames:
    - "*.gmem.ca"