diff --git a/src/js/setupdns.js b/src/js/setupdns.js
index 678b8b3e2..498869e24 100644
--- a/src/js/setupdns.js
+++ b/src/js/setupdns.js
@@ -24,7 +24,9 @@ app.controller('SetupDNSController', ['$scope', '$http', '$timeout', 'Client', f
     $scope.hyphenatedSubdomains = false;
     $scope.tlsProvider = [
         { name: 'Let\'s Encrypt Prod', value: 'letsencrypt-prod' },
+        { name: 'Let\'s Encrypt Wildcard Prod', value: 'letsencrypt-prod-wildcard' },
         { name: 'Let\'s Encrypt Staging', value: 'letsencrypt-staging' },
+        { name: 'Let\'s Encrypt Wildcard Staging', value: 'letsencrypt-staging-wildcard' },
         { name: 'Self-Signed', value: 'fallback' }, // this is not 'Custom' because we don't allow user to upload certs during setup phase
     ];
 
@@ -146,7 +148,16 @@ app.controller('SetupDNSController', ['$scope', '$http', '$timeout', 'Client', f
             data.token = $scope.dnsCredentials.nameComToken;
         }
 
-        Client.setupDnsConfig($scope.dnsCredentials.domain, $scope.dnsCredentials.zoneName, provider, data, $scope.dnsCredentials.tlsConfig, function (error) {
+        var tlsConfig = {
+            provider: $scope.dnsCredentials.tlsConfig.provider,
+            wildcard: false
+        };
+        if ($scope.dnsCredentials.tlsConfig.provider.indexOf('-wildcard') !== -1) {
+            tlsConfig.provider = tlsConfig.provider.replace('-wildcard', '');
+            tlsConfig.wildcard = true;
+        }
+
+        Client.setupDnsConfig($scope.dnsCredentials.domain, $scope.dnsCredentials.zoneName, provider, data, tlsConfig, function (error) {
             if (error && error.statusCode === 401) {
                 $scope.dnsCredentials.busy = false;
                 $scope.error = 'Wrong instance id provided.';
diff --git a/src/setupdns.html b/src/setupdns.html
index 99a011338..89270f87f 100644
--- a/src/setupdns.html
+++ b/src/setupdns.html
@@ -148,15 +148,13 @@
                                 </div>
 
                                 <!-- Wildcard -->
-                                <p ng-show="dnsCredentials.provider === 'wildcard'">
+                                <p class="small text-info" ng-show="dnsCredentials.provider === 'wildcard'">
                                     <span>Setup A records for <b>*.{{ dnsCredentials.domain || 'example.com' }}</b> and <b>{{ dnsCredentials.domain || 'example.com' }}</b> to this server's IP.</span>
                                 </p>
 
                                 <!-- Manual -->
-                                <p ng-show="dnsCredentials.provider === 'manual'">
-                                    <span>
-                                        Setup an A record for <b>my.{{ dnsCredentials.domain || 'example.com' }}</b> to this server's IP.<br/>
-                                    </span>
+                                <p class="small text-info" ng-show="dnsCredentials.provider === 'manual'">
+                                    <span>Setup an A record for <b>my.{{ dnsCredentials.domain || 'example.com' }}</b> to this server's IP.<br/></span>
                                 </p>
 
                                 <div ng-show="provider === 'ami'">
@@ -188,6 +186,7 @@
                                     <div class="form-group">
                                         <label class="control-label">Certificate Provider</label>
                                         <select class="form-control" ng-model="dnsCredentials.tlsConfig.provider" ng-options="a.value as a.name for a in tlsProvider" ng-disabled="dnsCredentials.busy"></select>
+                                        <small class="text-info" ng-show="dnsCredentials.tlsConfig.provider === 'letsencrypt-prod' || dnsCredentials.tlsConfig.provider === 'letsencrypt-staging'">Let's Encrypt requires your server to be reachable on port 80</small>
                                     </div>
                                 </div>
                                 <div class="text-center">
diff --git a/src/views/domains.html b/src/views/domains.html
index 43381d3cd..b2f469a49 100644
--- a/src/views/domains.html
+++ b/src/views/domains.html
@@ -84,11 +84,11 @@
               <input type="text" class="form-control" ng-model="domainConfigure.nameComToken" name="nameComToken" ng-disabled="domainConfigure.busy" ng-minlength="1" ng-required="domainConfigure.provider === 'namecom'">
             </div>
 
-            <p ng-show="domainConfigure.provider === 'wildcard'">
+            <p class="small text-info" ng-show="domainConfigure.provider === 'wildcard'">
                 Setup <i>A</i> records for <b>*.{{ domainConfigure.newDomain || domainConfigure.domain.domain }}</b> and <b>{{ domainConfigure.newDomain || domainConfigure.domain.domain }}</b> to this server's IP.
             </p>
 
-            <p ng-show="domainConfigure.provider === 'manual'">
+            <p class="small text-info" ng-show="domainConfigure.provider === 'manual'">
                 <b>All DNS records have to be setup manually before each app installation.</b>
             </p>
 
@@ -110,6 +110,7 @@
               <div class="form-group">
                 <label class="control-label">Certificate Provider</label>
                 <select class="form-control" ng-model="domainConfigure.tlsConfig.provider" ng-options="a.value as a.name for a in tlsProvider"></select>
+                <small class="text-info" ng-show="domainConfigure.tlsConfig.provider === 'letsencrypt-prod' || domainConfigure.tlsConfig.provider === 'letsencrypt-staging'">Let's Encrypt requires your server to be reachable on port 80</small>
               </div>
 
               <!-- Fallback certificate -->
diff --git a/src/views/domains.js b/src/views/domains.js
index a2b007fe8..84dd8b322 100644
--- a/src/views/domains.js
+++ b/src/views/domains.js
@@ -8,9 +8,12 @@ angular.module('Application').controller('DomainsController', ['$scope', '$locat
     $scope.config = Client.getConfig();
     $scope.domains = [];
     $scope.ready = false;
+    // currently, validation of wildcard with various provider is done server side
     $scope.tlsProvider = [
         { name: 'Let\'s Encrypt Prod', value: 'letsencrypt-prod' },
+        { name: 'Let\'s Encrypt Wildcard Prod', value: 'letsencrypt-prod-wildcard' },
         { name: 'Let\'s Encrypt Staging', value: 'letsencrypt-staging' },
+        { name: 'Let\'s Encrypt Wildcard Staging', value: 'letsencrypt-staging-wildcard' },
         { name: 'Custom Wildcard Certificate', value: 'fallback' },
     ];
 
@@ -153,6 +156,9 @@ angular.module('Application').controller('DomainsController', ['$scope', '$locat
                 $scope.domainConfigure.provider = domain.provider;
 
                 $scope.domainConfigure.tlsConfig.provider = domain.tlsConfig.provider;
+                if (domain.tlsConfig.provider.indexOf('letsencrypt') === 0) {
+                    if (domain.tlsConfig.wildcard) $scope.domainConfigure.tlsConfig.provider += '-wildcard';
+                }
                 $scope.domainConfigure.zoneName = domain.zoneName;
 
                 $scope.domainConfigure.hyphenatedSubdomains = !!domain.config.hyphenatedSubdomains;
@@ -216,10 +222,19 @@ angular.module('Application').controller('DomainsController', ['$scope', '$locat
                 };
             }
 
+            var tlsConfig = {
+                provider: $scope.domainConfigure.tlsConfig.provider,
+                wildcard: false
+            };
+            if ($scope.domainConfigure.tlsConfig.provider.indexOf('-wildcard') !== -1) {
+                tlsConfig.provider = tlsConfig.provider.replace('-wildcard', '');
+                tlsConfig.wildcard = true;
+            }
+
             // choose the right api, since we reuse this for adding and configuring domains
             var func;
-            if ($scope.domainConfigure.adding) func = Client.addDomain.bind(Client, $scope.domainConfigure.newDomain, $scope.domainConfigure.zoneName, provider, data, fallbackCertificate, $scope.domainConfigure.tlsConfig);
-            else func = Client.updateDomain.bind(Client, $scope.domainConfigure.domain.domain, $scope.domainConfigure.zoneName, provider, data, fallbackCertificate, $scope.domainConfigure.tlsConfig);
+            if ($scope.domainConfigure.adding) func = Client.addDomain.bind(Client, $scope.domainConfigure.newDomain, $scope.domainConfigure.zoneName, provider, data, fallbackCertificate, tlsConfig);
+            else func = Client.updateDomain.bind(Client, $scope.domainConfigure.domain.domain, $scope.domainConfigure.zoneName, provider, data, fallbackCertificate, tlsConfig);
 
             func(function (error) {
                 $scope.domainConfigure.busy = false;