diff --git a/pkg/issuer/acme/prepare.go b/pkg/issuer/acme/prepare.go
index 4a7189b86..941c20921 100644
--- a/pkg/issuer/acme/prepare.go
+++ b/pkg/issuer/acme/prepare.go
@@ -282,8 +282,7 @@ func (a *Acme) selectChallengesForAuthorizations(ctx context.Context, cl client.
 chals := make([]v1alpha1.ACMEOrderChallenge, len(allAuthorizations))
 var errs []error
 for i, authz := range allAuthorizations {
- domain := authz.Identifier.Value
- cfg, err := acmeSolverConfiguration(crt.Spec.ACME, domain)
+ cfg, err := acmeSolverConfigurationForAuthorization(crt.Spec.ACME, authz)
 if err != nil {
 errs = append(errs, err)
 continue
@@ -299,6 +298,7 @@ func (a *Acme) selectChallengesForAuthorizations(ctx context.Context, cl client.
 }
 }
+ domain := authz.Identifier.Value
 if challenge == nil {
 errs = append(errs, fmt.Errorf("ACME server does not allow selected challenge type for domain %q", domain))
 continue
@@ -496,7 +496,11 @@ func getRemainingAuthorizations(ctx context.Context, cl client.Interface, urls .
 return authzs, nil
 }
-func acmeSolverConfiguration(cfg *v1alpha1.ACMECertificateConfig, domain string) (*v1alpha1.ACMESolverConfig, error) {
+func acmeSolverConfigurationForAuthorization(cfg *v1alpha1.ACMECertificateConfig, authz *acme.Authorization) (*v1alpha1.ACMESolverConfig, error) {
+ domain := authz.Identifier.Value
+ if authz.Wildcard {
+ domain = "*." + domain
+ }
 for _, d := range cfg.Config {
 for _, dom := range d.Domains {
 if dom != domain {
diff --git a/test/e2e/certificate/certificate_acme_dns01.go b/test/e2e/certificate/certificate_acme_dns01.go
index a2d1f9d11..ba59102c2 100644
--- a/test/e2e/certificate/certificate_acme_dns01.go
+++ b/test/e2e/certificate/certificate_acme_dns01.go
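Review bot: In the second hunk of `selectChallengesForAuthorizations` (pkg/issuer/acme/prepare.go), the relocated `domain := authz.Identifier.Value` is the bare identifier, so the "ACME server does not allow selected challenge type" error prints the same name for a wildcard authorization and for the base-domain authorization of the same certificate. When a certificate requests both names (constructed example: `example.com` and `*.example.com`), an operator cannot tell from the message which solver config entry was rejected. Consider a display-only name for the message, `name := domain` followed by `if authz.Wildcard { name = "*." + name }`, and pass `name` to `fmt.Errorf`. `domain` itself is best left unchanged, since the loop body continues outside the hunk and later code may rely on the bare value.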
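Review bot: `acmeSolverConfigurationForAuthorization` (third hunk of pkg/issuer/acme/prepare.go) has no doc comment, and its matching rule is now non-obvious: a wildcard authorization is compared as `"*." + authz.Identifier.Value` using the exact, case-sensitive `dom != domain` test, so a config entry listing only the bare domain no longer selects a solver for the wildcard name. Certificates written with the bare-domain workaround that the e2e change removes would presumably stop matching after an upgrade, which deserves a release note. I would add `// acmeSolverConfigurationForAuthorization returns the solver config whose Domains contains the authorization's name; wildcard authorizations match only entries written as "*.<domain>".` above the function, plus a table-driven unit test covering a wildcard and a non-wildcard authorization for the same domain. `authz` and `cfg` are both dereferenced without a nil check; the rest of the body lies outside the hunk, so whether a nil can reach this point is not visible here.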
@@ -172,8 +172,6 @@ var _ = framework.CertManagerDescribe("ACME Certificate (DNS01)", func() {
 },
 },
 })
- // temporary hack whilst cert-manager does not understand wildcard domains in config
- cert.Spec.ACME.Config[0].Domains = []string{dnsName}
 cert, err := f.CertManagerClientSet.CertmanagerV1alpha1().Certificates(f.Namespace.Name).Create(cert)
 Expect(err).NotTo(HaveOccurred())
 f.WaitCertificateIssuedValid(cert)