How to use Wildcard SSL on ubuntu 20.04

I want to LEMP wordpress with wildcard in ubuntu 20.04 bu it is not installing wildcard.
here is the reference that i am taking https://www.gulshankumar.net/install-wordpress-with-lemp-on-ubuntu-18-04/

Updated SSL commands for Ubuntu 20.04

I am done with all the steps but i face ssl handshake error and also code to install nginx is missing. Please update the codes and help me to fix SSL handshake failed error

Keep Cloudflare in DNS only mode instead proxy. You can try again.

Looks like there was a typo, I have fixed it.

Can you please elaborate how to do cloudflare dns only mode

In Cloudflare Dashboard > Navigate to DNS page > Click on Orange Cloud and make it Gray

i had done that also, but it gives Error code: SSL_ERROR_RX_RECORD_TOO_LONG this error

What is site URL?

shivendratenguria .com

Ok, I am checking …

and what we need to select in cloudflare flexible or full?

Full strict (Always). [This doesn’t matter when we have DNS only mode.]

Type below command

ls /etc/letsencrypt/live/shivendratenguria.com

Do you see output?

cert.pem chain.pem fullchain.pem privkey.pem README

yes i got root@ubuntu-s-1vcpu-1gb-blr1-01:~# ls /etc/letsencrypt/live/shivendratenguria.com
README cert.pem chain.pem fullchain.pem privkey.pem

List existing block

ls /etc/nginx/sites-ava*

paste here whole config wrapped with ```

cat shivendratenguria.com
fastcgi_cache_path /var/www/html/shivendratenguria/cache levels=1:2 keys_zone=shivendra:100m inactive=6h;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
fastcgi_cache_use_stale error timeout invalid_header http_500;
fastcgi_ignore_headers Cache-Control Expires Set-Cookie;

server {
    listen         80;
    return 301 https://$host$request_uri;
}
server {
root /var/www/html/shivendratenguria;
index index.php index.html index.htm;
server_name shivendratenguria.com;
client_max_body_size 0;

    listen [::]:443 ssl http2 ipv6only=on;
    listen 443 ssl http2;
        ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
        ssl_certificate /etc/letsencrypt/live/shivendratenguria.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/shivendratenguria.com/privkey.pem;
        ssl_prefer_server_ciphers on;
        ssl_session_cache   shared:SSL:20m;
        ssl_session_timeout 20m;
        ssl_ciphers 'TLS13+AESGCM+AES128:EECDH+AES128';

error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;


set $skip_cache 0;
    if ($request_method = POST) {set $skip_cache 1;}
    if ($request_uri ~* "/wp-admin/|/xmlrpc.php|/wp-.*.php|index.php|sitemap(_index)?.xml") {set $skip_cache 1;}
    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {set $skip_cache 1;}

location / {
        try_files $uri $uri/ /index.php?$args;
}

# Pass all .php files onto a php-fpm or php-cgi server
location ~* \.php$ {
        try_files                       $uri =404;
        include                         /etc/nginx/fastcgi_params;
        fastcgi_param                   SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_pass                    unix:/run/php/php7.4-fpm-site1.sock;
        fastcgi_index                   index.php;
                fastcgi_cache_bypass $skip_cache;
                fastcgi_no_cache $skip_cache;
                fastcgi_cache shivendratenguria;
                fastcgi_cache_valid 200 301 24h;
                add_header X-Cache $upstream_cache_status;

}

location = /favicon.ico {
log_not_found off;
access_log off;
}

location = /robots.txt {
log_not_found off;
access_log off;
allow all;
}

location ~* .(css|gif|ico|svg|jpeg|jpg|js|png)$ {
expires 1y;
log_not_found off;
}

# Enable Gzip compression.
gzip on;

# Disable Gzip on IE6.
gzip_disable "msie6";

# Allow proxies to cache both compressed and regular version of file.
# Avoids clients that don't support Gzip outputting gibberish.
gzip_vary on;

# Compress data, even when the client connects through a proxy.
gzip_proxied any;

# The level of compression to apply to files. A higher compression level increases
# CPU usage. Level 5 is a happy medium resulting in roughly 75% compression.
gzip_comp_level 5;

# Compress the following MIME types.
gzip_types
 application/atom+xml
 application/javascript
 application/json
 application/ld+json
 application/manifest+json
 application/rss+xml
 application/vnd.geo+json
 application/vnd.ms-fontobject
 application/x-font-ttf
 application/x-web-app-manifest+json
 application/xhtml+xml
 application/xml
 font/opentype
 image/bmp
 image/svg+xml
 image/x-icon
 text/cache-manifest
 text/css
 text/plain
 text/vcard
 text/vnd.rim.location.xloc
 text/vtt
 text/x-component
 text/x-cross-domain-policy;
}

What is output here?

ls /etc/nginx/sites-enabled

I want to check if symlink file are there or not

give me the email, i will mail you all shh key with all details

keys_zone and fastcgi_cache both were supposed to be the same but it was different so that was causing issues

Resolved.